Sites in AD

[Guest]

Hello.

I have a parent domain with two DC´s and One Exchange 2000 Server. I also
have five child domains with one DC each. They are connected by slow links.

I need to create the sites in active directory. Nowadays, only exist the
Default-First-Site-Name. i am just creating new sites to the child domains
and i will keep the default site with the DC´s in the parent domain.

When i create more sites, i need to associate a subnet to the
default-first-site-name? I know that when i create new sites i have to
associate an IP Subnet.

I renamed the default-First-Site-Name and i had problems to start the
microsoft exchange 2000 services. Can i rename the default site with an
exchange server? I want that the default site represents the parent domain.

Thanks in advance.

 

[Ryan Hanisco]

Maurit,

Sites exist in one domain only and should each have a GC (and often a DNS
services too) running in each one. With different domains, you have no
replication, and your traffic will be based on use of foreign objects,
rather than the AD.

The only way to fix this would be to migrate the users in the child domains
to the parent, destroy the child domain, then bring the DC up as a DC in the
original domain but in a new site. With only one DC in each child, you have
a single point of failure. Using sites, you would still be ok if either
your uplink or server went belly up.

Remember, sites are created to control replication traffic over slow links.
Domains are created to separate security policies, political boundaries, or
management functions (though I'd still advocate Sites and OUs for this in
most cases.)

If you had a good reason for creating the child domains, let us know and
tell us what problem you are trying to solve with sites. Maybe we can help
you accomplish your goals in another way.

 

[Chriss3 [MVP]]

Sites are forest wide, sites can contains multiple domain controllers from
different sites within a forest, and span across multiple domains. You can
leave the default-first-site-name site if you want. or rename it and bind a
I to it. Heaving a site such the default-first-site-name without any IP
subnet bound makes it available for clients that's not have an IP address
that matches any other IP Subnet within the site structure.

--
Regards
Christoffer Andersson
Microsoft MVP - Directory Services

No email replies please - reply in the newsgroup

 

[Guest]

Hi Ryan,

Thanks for answering. Let´s go!

The child domains already exist. They are different part of my organization,
so the different domains were created for administration purposes, i think.
(i was not here when it was created)

My first idea was to create one site to each child domain, because it
identifies the physycal structure of my network and control the traffic
logon. is this correct?
do you think that is not necessary to create a site for these child domains?
If i create the sites in AD for each domain (including the parent domain) do
i have to create a GC in each site?

An important information is that my exchange server is on the root
domain....and the users from child domains also have mailbox in the root
domain.

Do the DC´s in the child domains replicate with global catalog? The GC have
part of the read only copy of each domain partition, i think.

Other thing that i will have to do is to change the root domain to Native
Mode. is it necessary to change the child domains to native mode?

We need to change the root domain to native mode because of exchange server
2000 and universal groups, but i dont see any need to change to native mode
in the child domains.

I hope my ideas can be alittle bit clear now. Hope hear from you soon.

Thanks a lot for helping.
Maurit.

 

[Ryan Hanisco]

Christoffer,

You are right about sites being available forest-wide and in that sense they
are good for things like DFS and printer location.

I was more trying to get at the reason for the question, as creating sites
will not have the same replication-shaping effect as they would if there
were one domain crossing site boundaries. Its been a long day and one of my
clients has been fighting a nasty virus that got into a DC so I was a bit
lax.

Thanks for keeping me honest.