Instant Linkbuilding Solutions
Because we have identified the WAN links that connect the sites within our design, we can decide easily on the site links that we will need to support the design at this point. Site links are objects that are created to connect sites so that replication can be controlled. You also need to address other considerations such as replication, log-on authentication control, and application support. Site link bridges are collections of site links that allow replication traffic from domain controllers in one site to pass to domain controllers in another site when no explicit replication partners exist in the intermediary site that connects them.
Introduction When you plan for site links, you determine the replication schedule, interval, Determine the site link interval. To control the replication interval, set the number of minutes between replication attempts on site links. Typically, you set the global default replication frequency to 15 minutes and set a longer frequency on site links that correspond to slow connections to branch offices. The longer frequency uses the link more efficiently, but it increases replication latency. Note If you want to use multiple replication schedules for the same transport, create multiple site links that have different configurations.
The overall topology of intersite replication is based on the use of site links and site link bridges. Site links are logical connections that define a path between two Active Directory sites. Site links can include several descriptive elements that define their network characteristics. Site link bridges are used to connect site links together so that the relationship can be transitive. Figure 4.5 provides an example of site links and site link bridges. FIGURE 4.5 An example of site links and site link bridges FIGURE 4.5 An example of site links and site link bridges When creating site links for your environment, you'll need to consider the following factors Assigning a cost value Multiple site links can be created between sites. Site links can be assigned a cost value based on the type of connection. The systems administrator determines the cost value, and the relative costs of site links are then used to determine the optimal path for replication. The lower the cost, the more likely...
Site links assist the Knowledge Consistency Checker (KCC) in identifying the appropriate Active Directory replication topology. It is important that manually created connections be relevant to the underlying network topology. Site links are critical to the KCC, and without them there is no way to identify the appropriate AD replication topology. You need to thus ensure they are configured correctly.
Site links are used to connect two or more sites together for the purpose of replication. When you install Active Directory in a new forest, a new site link called the DEFAULTIPSITELINK is created. As you add additional sites to the forest, these sites are included in the default site link unless you have configured other site links. If all of the network connections between sites are the same speed and priority, the default configuration can work. In this case, the change these properties, the changes would affect the replication topology for all sites. By cre- g ating additional site links, you can configure different replication properties when the network connections between sites have different speeds and priorities. Creating additional site links helps the designated Inter-Site Topology Generator (ISTG) for a site to prioritize the site links and determine when a site link should be used. It doesn't, however, change the way intersite replication works. Replication traffic...
Introduction You create site links in Active Directory to map connections between two or more sites. When you configure site links, you can define the site link properties, which include the cost, replication interval, schedule, and sites that the link is associated with. Procedure for creating To create a site link, perform the following steps site links Procedure for To configure site links, perform the following steps configuring site links Why Disable Default Bridging of All Site Links Introduction A site link bridge creates a chain of site links that domain controllers from different sites in the site links can use to communicate directly. Bridging is useful to constrain the KCC to particular paths in the site-link topology. By default, site link bridging is enabled and all site links are considered transitive. That is, all site links for a given transport implicitly belong to a single site link bridge for that transport. So, in a fully routed IP network, it is not necessary to...
Site links connect two or more sites together. Site links are similar to Exchange connectors and are configured similarly. The links are unidirectional and, like Exchange and WINS, are used to set up the replication network topology. You need to do very little work to create site links because Active Directory automatically creates them when you create sites and add DCs to them. You can, however, manually configure sites, and it may become necessary as you set up links to deal with special circumstances, redundancy, and the like. Because site links are unidirectional, you need to establish them in two directions. There are a number of options you can set, because site links are managed according to the existing infrastructure of a wide area network. The configuration options are as follows Cost routing. You can set a cost value for a site to determine which route to the site is the cheapest. You do not want to route over links that cost per transmission as opposed to the total monthly...
When you create additional site links, keep the following in mind Use a consistent naming scheme for site links that identifies their purpose. Use RPC over IP as the transport protocol for all site links unless your network is not fully routed and you are forced to use SMTP.
What Are Sites and Subnet Objects What Are Site Links Replication Within Sites vs. Replication Between Sites How to Create and Configure Sites and Subnets How to Create and Configure Site Links Why Disable Default Bridging of All Site Links How to Create a Site Link Bridge You use sites in Active Directory to control replication and other types of Active Directory traffic across various network links. When you configure replication between sites, you can use subnet objects, site links, and site link bridges to help control replication topology. An efficient, reliable replication topology depends on the configuration of site links and site link bridges. Explain the purpose of site links and site link attributes. Create and configure site links. Explain the purpose of disabling default bridging of all site links.
Disable default bridging of all site links Create a new site link bridge Before you can create new site link bridges, you must first disable default bridging of all site links to permit the creation of new site link bridges. To disable default bridging of all site links, perform the following steps 1. Open Active Directory Sites and Services, expand Sites, expand Inter-Site Transports, right-click either IP or SMTP, depending on the protocol for which you want to disable bridging of all site links, and then click Properties. 2. In the Properties dialog box, clear the Bridge all site links check box, and then click OK. 3. Click two or more site links to be bridged, click Add, and then click OK. Procedure for disabling default bridging of all site links
Once you have created the network map, you can begin designing the required sites. Sites are collections of well-connected subnets that are used to control AD DS replication or to manage user and application access to domain controllers and global catalog servers. As with every other AD DS object, you should determine a naming strategy for sites and site links. Site links are objects that are created to connect sites so that replication can be controlled. Although a site is a logical representation of your network and may not completely represent the physical layout of your network the name for the site and site links should represent the physical location that the site represents. This is just a friendly name that is easier for you to administer. The location could represent a geographic location for organizations that have regional offices (the buildings within an organization's campus or distinct portions of a building). Once you have defined the naming strategy, make sure all the...
Your IP network is not fully routed. Turn off the transitive site link feature for the IP transport, for example, if a firewall allows replication only from domain controllers in a specific location or subnet. When the default bridging of all sites is disabled, all IP site links are considered intransitive. Therefore, configure the site link bridges to model the actual routing behavior of the network. Specify two or more site links to create a site link bridge object for a specific intersite transport, which is typically RPC over TCP IP.
Charles is designing his site topology and is trying to determine where the sites should be located and the site links that will connect the sites. When reviewing the network, he decided to create a network map that includes three locations Centralia, Sparta, and Gridley. Centralia and Sparta are connected via a T1 connection that is currently at 60 percent capacity. Gridley connects to Sparta via a 1.5Mbps SDSL VPN connection that averages 40 percent capacity. Each of the locations has approximately 1,000 users. 2. Question When creating site links, how should you configure the site links Answer Depending upon how much data will be replicated, you could use the DEFAULTIPSITELINK for all three sites. Because there is enough available bandwidth on each of the connections, the default schedule and interval should work also.
Note When you choose site links, you need to know what you are choosing, and this should be in To configure the site link, right-click the new object and choose Properties from the context menu. The site links properties for the specific site load. Add a description for the site link and add the sites to the link by moving them from the pane on the left (Sites not in this Site link) to the pane on the right (Sites in this Site link). You can then configure the cost of the site links and any special replication schedule.
This lesson presents the skills and knowledge necessary for students to plan a site strategy. Remind students about the difference between the Active Directory design and the Active Directory planning strategy, which is discussed in the first topic Overview of Site Planning Process. Discuss the guidelines that the students can apply to determine the schedule, interval, and protocol of site links, the need for site link bridges, the replication bridgehead server requirements, and the requirements for securing Active Directory replication.
In this lesson, it is assumed that you were given the site topology design by the systems architect. The design specifies the number and location of sites, site links to connect each site and their cost, availability requirements for sites to operate independently, the number of users, and site security policies. Explain guidelines for determining the schedule, interval, and protocol of site links.
Create IP site links between sites In this practice, you will create IP subnet and site objects in Active Directory and associate subnets with sites. Next, you will move server objects into the site you created, create IP site links between sites, and configure the replication cost, schedule, and interval of the links. Create IP site links between your site and your partner's site Practice Creating and configuring site links
For example, in Figure 7.1, two domains (mydomain.com and child1.mydomain.com) have been configured, along with five sites. The first domain houses 20 users and is a placeholder domain, while the second domain has 500 users, spread across sites London, Singapore, Sydney, New York, and HQ. Site links have also been defined between various sites. While the Active Directory Sizer tool is a useful utility for smaller installations, it does not scale well for larger implementations, where many sites, site links, and other administrative, political, and technical factors all affect the overall Active Directory design as well as the design of Service Placement. It is suggested that Active Directory Sizer be used only in smaller organizations where there are less than 1,000 users, and even then, the suggestions it produces should be ratified by an experienced consultant or by Microsoft.
Active Directory replication involves various terms, concepts, and objects that are used to create a replication topology, including Sites Subnets Site links Site link bridges Connection objects Multimaster replication Knowledge Consistency Checker (KCC) Inter-site topology generator and bridgehead servers SYSVOL
Besides FSMO, this chapter also focused on AD DS sites and replication of directory information between domain controllers within and outside of the site. The chapter defined sites, connection objects, site links, and bridgehead servers, and it described how replication works in detail. Intra-site replication and inter-site replication are similar, but the latter requires more administrative control, whereas replication within one site is configured automatically.
You are setting up a site structure for a brand new AD DS environment. Your network contains three remote sites linked to the hub datacenter by average latency WAN links. One of the sites is accessible only from the hub. You chose to deploy three site links with the same cost of 100. Each of those site links is linking one of the remote sites with the hub site, with two sites in every link. What else should you do
Once you have created the network map, you can begin designing the required sites . Sites are collections of well-connected subnets that are used to control Active Directory replication or manage user and application access to domain controllers and Global Catalog servers. As with every other Active Directory object, you should determine a naming strategy for sites and site links. A site's name should represent the physical location that the site represents. The location could represent a geographic location for organizations that have regional offices, the buildings within an organization's campus or distinct portions of a building. Once you have defined the naming strategy, make sure all of the administrators who have the ability to create sites understand the strategy and follow it. As an example, Company G has two domains corp.com and RD.corp.com . Five sites exist within their environment A, B, C, D, and E. Figure 8.4 shows the site layout and the site links that connect them....
By default, the KCC will evaluate the site topology created by the administrator using sites and site links, and from this model, it will construct intersite connection objects along which replication of Active Directory data will flow based on the site and site link data stored within Active Directory. The KCC will also attempt to construct a resilient topology ring within a site, using connection objects between DCs in the same site.
Application directory partitions are only available if the Domain Naming Master role is hosted by a Windows Server 2003 DC or above. Since changes can be made on any one of the DCs holding a read write copy of the appropriate partition, replication is described as multimaster, since no one server has the only changeable copy of any partition. Once a change is made, that change is replicated around the forest as per the replication topology designed and configured by the administrator. As a result, changes made on one DC might take some time to replicate to another DC if the receiving DC is several site links or hops away from the sending DC.
Applications can be run in a single terminal service session utilizing resources efficiently. While accessing remote applications through TS Web Access, remote applications appear as Web links. Remote Desktop Protocol (.rdp) files can be created by administrators and distributed over the network for remote users to install and access applications.
Simply put, a backbone provides a link to tie together many other cables. As the demand for network bandwidth goes up for individual users, the amount of traffic that backbones must carry increases accordingly. Backbones also often provide links to outside resources, such as the Internet, or access to massive centralized data collections, such as mainframe databases and their ilk.
Network cost Cost is perhaps the single biggest factor in determining a network design. If cost were not a constraint, organizations would clearly choose to use high-bandwidth connections for all of their sites. This is just as important as adding redundancy to your links (having multiple links) so that if in case of the loss of a single link, you can still connect to the site you want to communicate with. Realistically, trade-offs in performance must be made for the sake of affordability. Some of the factors that can affect the cost of networking include the distance between networks and the types of technology available at certain locations throughout the world. In locations that are underdeveloped or completely remote, you may not even be able to get Internet Service Provider (ISP)- or Telecom-based access beyond a satellite connection, and what is available can be quite costly. Network designers must keep these factors in mind and often they must settle for less-than-ideal...
NAT is a good solution for situations where ICS is not an option, such as when using a VPN or when the clients are using static IP addresses. A real benefit of NAT becomes apparent when dealing with Administration duties. For example, NAT makes it fairly simple to move your Web server or File Transfer Protocol (FTP) server to another host computer without having to worry about broken links. If you merely change the inbound mapping at the router, you can set it to reflect the new host. The same holds true of changes to your internal network. This is because the only external IP addresses either belong to the router or come from a pool of global addresses.
The right pane of the Start menu contains links, commands, and menus and it's highly customizable. To make the menu convenient, the important programs and system tools are listed in the right pane, and display their contents when you point to them. This makes it extremely easy to work with a Control Panel applet, or to open an Administrative snap-in. To modify the contents of the right pane, follow these steps
After customizing the look of the overall SharePoint site, you might want to change the content of the home page to better suit the needs of your users. The home page is made up of several different parts the Quick Launch link bar, which runs vertically down the left side of the page and contains links to commonly used
Each Web site must have one home directory. The home directory is the central location for your published pages. It contains a home page or index file that welcomes visitors and contains links to other pages in your site. The home directory is mapped to the Web site's domain name or to the name of the Web server.
To allow members of Group Policy Creator Owners to create links to a particular OU, for example, right-click the OU in DSA.MSC. Choose the option Delegate Control from the context menu. Choose Next in the initial screen to go to the part where you add the users and groups to whom you will delegate control. Choose Add and select Group Policy Creator Owners from the list. Choose Add again, then OK to return to the Users or Groups window, as shown in Figure 9.46. The GP Creator Owners will appear in the Selected Users and Groups box. Choose Next then select Manage Group Policy Links from the predefined common tasks to delegate (see Figure 9.47). Choose Next, and confirm your choices in the last screen by clicking the Finish button.
Be aware that some ISPs used by remote users do not support VPNs. Check with these ISPs during your troubleshooting process doing so might save you pulling out a great deal of hair. If the ISP does not support VPNs, find another ISP for your remote client systems. Also understand that satellite providers such as DIRECWAY, a two-way satellite Internet connection provided by DirecTV, do not support VPNs because of the network latency issues when using satellite links.
For example, in Figure 7.1, two domains (mydomain.com and child1.mydo-main.com) have been configured, along with five sites. The first domain houses 20 users and is a placeholder domain, while the second domain has 500 users, spread across sites London, Singapore, Sydney, New York, and HQ. Site links have also been defined between various sites. BH.chikHrmydonTain.com (xl) * (J Site Links While the Active Directory Sizer tool is a useful utility for smaller installations, it does not scale well for larger implementations, where many sites, site links, and other administrative, political, and technical factors all affect the overall Active Directory design as well as the design of Service Placement. It is suggested that Active Directory Sizer be used only in smaller organizations where there are less than 1,000 users, and even then, the suggestions it produces should be ratified by an experienced consultant or by Microsoft.
Creation of multiple site links between the sites. Incorrect Answers & Explanations B, C, and D. Answer B is incorrect because Active Directory DCs cannot be configured for manual updates connection objects must be created to allow DCs to be automatically updated with changes from other DCs. Answer C is incorrect because Active Directory replication can take place between DCs belonging to different domains. Answer D is incorrect because creating multiple site links between sites will not prevent Active Directory replication from taking place. 9. James is a systems administrator for an Active Directory environment that consists of two dozen sites. The physical network environment is not fully routed, and James has disabled automatic site link transitivity. He now wants to set up three site links to be transitive, as they are physically connected to one another. Which of the following Active Directory objects is responsible for representing a transitive relationship between sites B....
Site link bridges are designed to allow site links to be transitive. That is, they allow site links to use other site links to transfer replication information between sites. By default, all site links are bridged. However, you can turn off transitivity if you want to override this behavior.
In the event that a server must be rebuilt for whatever reason, having a backup of the license information will make it simple to restore the license information. The backup and restore functions of the wizard are exposed in the Server Management console with the links Back Up Licenses and Restore Licenses.
The ISTG is responsible for assessing the replication needs of the site in which it resides in relation to other sites and the site links established by the administrator. The ISTG will ensure that DCs in the site receive a copy of the Schema, Configuration, and Local Domain partitions, while GCs receive the same and also partial copies of all other domain partitions. This is done by assigning the role of bridgehead server (BS) to one or more DCs in the site.These BSs are then responsible for replicating changes with other BSs in other sites. Multiple BSs per site might be required to ensure that all partitions required are replicated across site links. Only BSs replicate with DCs in other domains.Therefore, when a change is made to an object on a DC, it first replicates (intra-site) with its partners (established by the KCC), and ultimately, the change arrives at the BS for that partition in the site.That BS then replicates (inter-site) with each of its BS partners. For further...
SiteLink objects can be assigned a cost, which is an administrative setting that gives priority to one link over another, where multiple paths between the same two sites exist. The lowest cost, intuitively enough, has the highest priority. When you assign costs to your links, consider available bandwidth, reliability, latency, and actual costs charged by your ISP based on time or amount of data crossing the line (if applicable). If you leave the default link costs set to 100, or assign costs without proper planning, this may result in large replication streams being directed through unreliable or overutilized WAN links. Table 6-3 shows some of the suggested cost link values. Site link cost configuration becomes more complicated as you factor in more sites, so by default, all site links are bridged. If you have Site A, Site B, and Site C, and there is a site link X defined between Site A and Site B, and another site link Y defined between Site B and Site C, Active Directory assumes...
Each AD site may be configured with a site link to mimic the WAN link connecting the sites.This site link may be configured to reflect the available bandwidth or preference that the link has in the network design using a cost metric. In other words, let's say that a slow link exists between two offices. Elsewhere, another link exists from one of the offices to a third office. Site links may be configured to utilize a preferred route for replication traffic. This is not an IP preferred-route, as seen in IP routing protocol data, but a preferred-route understood by Microsoft's Active Directory. Table 4.14 illustrates the Microsoft-recommended cost values for common bandwidths. ErsLre that Miami is linked to other sites with site links as appropriate.
Sites not connected by site links No bridgehead server in the site Sites that contain the workstations and domain controllers are not connected by site links to domain controllers in other sites in the network. The topology and schedule of the site links cause the replication of information to go through many sites serially before replication updates all sites.
Intersite replication across site links occurs every 180 minutes you can change this if necessary. In addition, you can schedule the availability of the site links for use. By default, a site link is accessible to carry replication 24 hours a day, seven days a week, and you can also change this if necessary. You also can configure a site link to use low-speed synchronous RPCs over TCP IP or asynchronous SMTP transport. That is, replication within a site always uses RPC over IP, whereas replication between sites can use either RPC over IP or SMTP over IP. Replication between sites over SMTP is supported for only DCs of different domains. DCs of the same domain must replicate by using the RPC over IP transport. Hence, you can configure a site link to point-to-point, low-speed synchronous RPC over IP between sites, and low-speed asynchronous SMTP between sites.
Root serves as the sharepoint for the distributed file system. Rather than contain subfolders like a root directory does, the DFS root contains links to the shares (local and remote) that form the distributed file system. Each link appears as a subfolder of the root share.
When creating site links, you have the option of using either IP or SMTP as the transport protocol SMTP replication You can use SMTP only for replication over site links. It is asynchronous that is, the destination DC does not wait for the reply, so the reply is not received in a short amount of time. SMTP replication also neglects Replication Available and Replication Not Available settings on the site link schedule, and uses the replication interval to indicate how often the server requests changes When choosing SMTP, you must install
Finally, this chapter also explained the role of sites, and discussed the relationship of sites to other Active Directory components. We showed you how to create sites and site links, and explained site replication. This chapter enables you to become familiar with exam objectives covering such topics as the various roles and services offered by Active Directory sites.
Site links have associated schedules that indicate at what times of the day the link is available to carry replication traffic. This is known as the replication window. Hubs sites at Ring 1 typically have all the bandwidth they need for immediate replication. The interval at Ring 1 will thus be every 15 minutes. Replication to Ring 2 sites will be every hour (refer to Table 10-4).
Managing Site Links and In this chapter, I discuss administration of sites, subnets, site links, and related components. Active Directory sites are used to control directory replication traffic and isolate logon authentication traffic between physical network locations. Every site has one or more subnets associated with it. Ideally, each subnet that is part of a site should be connected by reliable, high-speed links. Any physical location connected over slow or unreliable links should be part of a separate site, and these individual sites are linked to other sites using site links.
DFS provides other benefits in addition to providing a unified view of a distributed file system and simplifying access to the file system by users. First, DFS uses link tracking to keep track of objects within the DFS namespace, which enables folders and their contents to move without breaking the logical link and structure within DFS. Because users see the logical location for a given folder, rather than the physical location, you can move a folder from one location to another, whether on the same server or to another server. Users can still access the folders from the same logical location even though they may have moved physically. In the case of a Web server, DFS enables you to move portions of a given Web site without affecting availability of the site or breaking any site links. In the case of an enterprise, DFS's link-tracking enables you to restructure storage as needs change without affecting users' access to the shared data or the way they access it.
As just mentioned, is important to realize that the presence of slow WAN links alone is not a good reason to break an organization into multiple domains and because of this, the most common solution is to set up site links with the Site and Services Microsoft Management Console (MMC). When you use this MMC, you can manage replication traffic and fine tune independently of the domain architecture. We'll cover these topics in detail in Chapter 4, Configuring Sites and Managing Replication.
Site links represent the replication routes between two or more sites. Each link can be assigned a relative cost and a schedule. By default, the update frequency is three hours. Figure 14.4 illustrates the physical connections for three sites. For this example, you would configure one instance for the replication process, as you would schedule a conference call. Transitive site links are created automatically, so that all site links are bridged, as in Figure 14.4. But, if you need to control part of your network because one of your links is slower than the others, or it can only connect with one site, you can turn off automatic bridging and create a site link bridge. This is a common situation with branch offices and satellite locations where fast links must be balanced with slower ones.
The disadvantages to having a global catalog lie in the additional traffic that is caused during replication, queries, browsing, and logons.You can overcome much of these traffic issues when you configure your sites and site links and select whether to use a global catalog server or to enable universal group caching on a domain controller.
Hot fixes and security updates to the operating system are made available in between service packs. Although these changes do eventually make their way into service packs, you'll often find that critical fixes must be deployed either to resolve problems you're experiencing or to close security gaps. You can find hot fixes and security updates in two places the Microsoft security Web site and Microsoft Windows Update site. The Microsoft Web site contains links to these two sites, and they are currently located at http www.microsoft.com security and http windowsupdate.microsoft.com, respectively, which addresses are entirely subject to change Murphy's Law, right
By default, site links are transitive, as shown in Figure 5-4. This means that if sites A and B are linked, and sites B and C are linked, then sites A and C are linked through a transitive connection. Although you can disable site-link transitivity for a transport, it is not recommended except in special circumstances. These circumstances include If you disable site link transitivity for a transport, all site links for that transport are affected and become nontransitive. You must then create site-link bridges (covered in the next section) to provide transitive connections. Site-link bridges are logical connections that use site links as their underlying transport. When site-link transitivity is enabled, these logical site link bridges are automatically created between all sites. When site-link transitivity is disabled, you must create the site link bridges yourself. Figure 5-5 shows a simple set of four sites that are connected via site links in a round-robin fashion. If site-link...
By default, site links are made available all the time, which means that replication can occur as needed. However, you can change the times that site links are available if you need to exert tighter control over replication. For example, you could schedule a site link to be available only during off hours so that replication didn't compete with other WAN usage. Keep in mind, though, that although blocking replication during certain times gives priority to other WAN traffic, it also increases the latency of replication the time it takes for all the domain controllers in a domain to arrive at the same state. When replication between two sites traverses multiple site links, the replication of the domain will not complete until each site link, in sequence, has had the opportunity to replicate. In addition to the scheduled times during which the site link is available, the other scheduling concept you need to be aware of is the replication interval. This value indicates how often...
Intrasite replication is optimized for high-performance networks. It happens on a change-notification basis and sends data uncompressed. Intersite replication is optimized to preserve bandwidth. It occurs only over designated bridgehead servers, the data is compressed, and it relies on the scheduled availability of site links and the specified replication interval.
Draw a site map for Northwind Traders, including all site links that you will create. Indicate the cost that you will assign to each site link. In addition, specify the schedule information for site links that will not use the default schedule. 2. Will you disable bridging of all site links If so, will you create any site-link bridges Answers may vary. However, one possible answer is to disable bridging of all site links due to the regional domain model and the limited availability of bandwidth on the WAN links. No need to create any site-link bridges.
All site links are assigned a cost that is used in determining the routing preference they are given relative to other site links. By default, all site links are assigned a value of 100. Making a site link more expensive than another site link causes the replication process (and the process of other applications and services such as the Domain Controller Locator) to favor the less expensive site link when both paths would reach the final destination. Costs along site links are cumulative. For example, consider the diagram shown in Figure 5-6. If a domain controller in Site A needs to replicate information to a domain controller in Site D, it is going to use the path that travels through Site B because the cumulative cost (600) is less than the cumulative cost of the other available path (1000).
Every Website and FTP site must have a home directory, which is the central location for your published web pages. This directory contains a home page that welcomes Web browser users and contains links to other pages in your site. A default home directory is created when you install IIS and when you create a new Web site. You must specify a different home directory for each service if you set up a Website and an FTP site on the same computer. The default home directory for the WWW service is InetPub Wwwroot. The default home directory for the FTP service is InetPub Ftproot. You can choose a different directory as your home directory.
The ISTG is responsible for assessing the replication needs of the site in which it resides in relation to other sites and the site links established by the administrator. The ISTG will ensure that DCs in the site receive a copy of the Schema, Configuration, and Local Domain partitions, while GCs receive the same and also partial copies of all other domain partitions. This is done by assigning the role of bridgehead server (BS) to one or more DCs in the site. These BSs are then responsible for replicating changes with other BSs in other sites. Multiple BSs per site might be required to ensure that all partitions required are replicated across site links. Only BSs replicate with DCs in other domains. Therefore, when a change is made to an object on a DC, it first replicates (intra-site) with its partners (established by the KCC), and ultimately, the change arrives at the BS for that partition in the site. That BS then replicates (inter-site) with each of its BS partners. For further...
Sites are managed and administered through the Active Directory Sites and Services management console snap-in. This utility is used to create and manage site links and their properties within the Windows 2000 domain. To use it, select Start Programs Administrative Tools Active Directory Sites and Services.
Creating Site Links To complete the site link configuration, we need to supply a cost and a schedule. Costs are relative numbers associated with site links to reflect bandwidth and priority. Lower numbers represent higher values (speeds), which are preferred by the spanning tree topology created by the KCC. Table 14.1 below shows suggested cost values Table 14.1 Suggested Cost Values for Site Links
Throughout this chapter, you will look at the technical details of Active Directory replication and how the concept of sites and site links can be used to map the logical structure of Active Directory to a physical network topology to help it work efficiently, no matter what type of link you are working with.
In some cases, it is necessary to bridge replication. If you create Site Links that overlap, you should create a Site Link Bridge. This will allow the replication to use the bridging site to create a direct connection to the destination site. If you want to further control inter-site replication in given sites, you can designate Preferred Bridgehead Servers at the site. The Bridgehead Server manages all
Breaking Active Directory into sites can reduce replication-related network traffic, but simply dividing Active Directory into sites is not enough. In order for sites to exchange Active Directory information, you must implement site links. These links provide information to Windows Server 2003, telling it which sites should be replicated and how often. When you link more than two sites using the same link transport, you are essentially causing them to be bridged. Figure 10-11 shows three sites linked by IP site links by forming a linked bridge, these sites can communicate directly with each other.
A topology requires 2n unidirectional (or n bidirectional) site links per hub site, where n is the number of spoke sites connected and 2m unidirectional (or m bidirectional) site links per hub site, where m is the number of hub sites. A topology of three hub and eight spoke sites (as seen in Figure 2.24) requires 2x3 + 2x3 + 2x2 16 unidirectional or 8 bidirectional links for the spokes, and 6 unidirectional or 3 bidirectional links for the hubs, for a grand total of 22 unidirectional or 11 bidirectional links.
Two types of site replication can occur. Intrasite communication occurs among all domain controllers located within the same site, and intersite communication occurs between two sites configured with a site link. Two communication methods, IP and SMTP, are available for site links. Intrasite links are automatically generated and maintained, but intersite links must be manually created. Intrasite links are maintained by Active Directory to optimize replication. By default, two links to every domain controller are created to eliminate a single link failure. This replication strategy is continually monitored and updated. For example, when a new domain controller is installed in a site, the replication topology is recalculated to provide the most efficient network replication. To configure intersite replication, you must add and configure site links. Once a site link has been created, options are available for scheduling, costs, and replication frequency. This defines how replication...
You should plan thoroughly before creating and deploying an Active Directory. Site planning enables you to optimize the efficiency of the network and reduce administrative overhead. High-performance sites are developed based on the proper planning of the physical design of your network. Site planning enables you to determine exactly which sites you should create and how they can be linked using site links and site link bridges. Site information is stored in the configuration partition, which enables you to create sites and related information at any point in your deployment of Active Directory.
The site topology routes query and replication traffic efficiently, and helps you determine where to place domain controllers within your structure. The site is known as a set of IP subnets these subnets usually have LAN speed or better. Site links are used in the plan to model the available bandwidth between the sites. These links are usually slower than LAN speed. The following four parameters make up a site link You need to consider a few processes before starting your plan. Make sure that you define sites and site links by using your network's physical topology as the beginning point. You may also consult the team manager for your TCP IP and forest planning group. These managers should be involved in this process. In creating the topology for your forest, again use the physical topology of your network for reference. Keep this plan as simple as possible, based on your current bandwidth. Refer to the following section before you commit to creating your plan.
The logical side is a little more nebulous as well as containing the objects that define how the resources are organized and accessed, the logical side contains objects within Active Directory that define how the domain controllers will communicate with one another. Active Directory sites and site links define which domain controllers will replicate directly with each other and which ones will have to communicate indirectly through other domain controllers.
The communication channels used by site links to affect the replication are called connection objects. These objects are also stored in AD and they contain attributes that provide information about replication partners, the sites to which they belong, and the transport used (RPC IP vs. SMTP) to transfer the data.
Site links are used to create a replication path between domain controllers that exist in two sites. Site links can be created so that they control when the replication can occur and which sites are connected using the site link. They also have a cost value to control how the replication is directed. 6. B. Site link bridges are automatically enabled in Windows Server 2003 Active Directory. This makes all site links transitive in nature, which allows replication to occur even to sites that are not directly connected to other sites where a domain controller from their domain exists.
Navigation pages are the principal means by which users move through Windows Powered NAS. They provide links to other informational or task-oriented pages. Each navigation page includes a page caption, page description, and, optionally, a large image. Each of the links on a navigation page is composed of a caption, description, icon, and, optionally, hover text. Note that navigation page links are the same as those provided in the secondary navigation bar. The following figure shows a typical navigation page the Welcome page.
Keep an eye on the way contents change, and tweak your links to maintain efficiency. If a link is busy and contents change frequently, shorten the cache timeout interval to make sure users get the latest version of any file they access. If contents don't change often (for example, a folder that holds boilerplate documents), lengthen the cache timeout to reduce network traffic.
One of the best features of acctinfo.dll is that it allows you to change a user's password on a domain controller within the site where the account is used. This allows you to make the change on a domain controller close to the user so that you do not have to wait until replication passes the password change across the site links. Figure 17.15 shows the screen that appears once you have clicked the Change Password on a DC in the Users Site button. You'll still have the option to reset the password normally, but you will also have the additional site-level options.
If an organization only has one location, the design should be simple, with no wide area network (WAN) links or a need for multiple sites or site links. More often than not, the company will have multiple locations with WAN links connecting them. You may even run into large multinational corporations that not only have multiple locations and several different types of communication links connecting them, but will also have time zone differences and geo-political boundaries.
The Microsoft Hardware Compatibility List (HCL) Web site (http www.microsoft.com hcl ) lists all products that have been designed for Windows. You should use this site when selecting new printers for your organization. If you want little trouble with your shared printer pool, only use printers that include Designed for Windows drivers. When you install printer drivers, Windows will indicate if the driver is digitally signed or not. The Add Printer Wizard dialog box even includes a Web link to the HCL Web site.
A site link bridge creates transitivity between a set of site links. If a site link over a slow WAN connects City Hall to DITT (CH-DITT) and a slow link connects One-Police-Plaza to Parks and Recreation (OPP-PRKS), then a site link bridge called CH-PRKS connects City Hall to Parks and Recreation. The bridge thus allows the domain controllers in the City Hall hub to create replication connections with the domain controllers in the One Police Plaza hub. In other words, the site link bridge creates a link between two sites that do not explicitly have a site link between them.
As an example, let's say that CompanyABC has 40 small sites in Japan and 50 small sites in the United States. Each site consists of a single subnet. The largest office in Japan is in Tokyo. It has a pair of domain controllers. The largest site in the U.S. is in San Jose. It has two domain controllers as well. The two choices would be to either create 90 sites, 90 subnets, and 90 site links or create two sites, 90 subnets, and two site links. If all 90 sites were defined, the KCC would process site link costs for all 90 site links to determine which Domain Controllers should adopt which sites. DNS would hold site records for all 90 sites to list _gc, _ldap, and _kerberos SRV records. If the Domain Controllers in Tokyo happened to be busy when the KCC was processing links, sites in Japan could be adopted by the DCs in San Jose and WAN traffic would increase as authentication, login scripts, and GPO application happened across the WAN.
Once you have created site links, the KCC automatically designates one or more domain controllers for each domain in the site as bridgehead servers. Replication happens through these bridgehead servers instead of happening directly between all domain controllers, as shown in Figure 5-7. Remember that within a site, domain controllers (including the bridgehead servers for other sites) replicate as needed. During the times that site links are scheduled to be available, bridgehead servers will then initiate replication with bridgehead servers in other sites according to the replication interval.
You should provide the site link cost, replication frequency, and replication availability for all site links as part of the process of configuring inter-site replication. When Site Link Costs are configured, a value for the cost of each available connection used for inter-site replication is assigned. If you have multiple redundant network connections, you can establish site links for each connection and assign site link costs to these links that reflect their relative bandwidth. Windows Server 2003 then chooses the link with the lowest cost for the transfer of replication traffic.
However, sites and site links, as we'll see later, can help the administrator to manage, control, and throttle the replication traffic to meet the requirement s of the organization. For example, if the network has a hub and spoke design, with many, small satellite sites connecting to a small number of hub sites, then the sites and site links should be configured in a similar fashion. Site links are manually assigned a cost, a replication interval, and a replication schedule. These are discussed next.
50 Ways To Build Backlinks
Report 50 Ways to Build Backlinks to Achieve Better Search Engine Rankings. This guide will help you Utilize These Awesome Methods to Achieve Better Search Engine Rankings.