Active DirectoryMicrosoft Technologies

How to setup active directory sites, subnets, site-links?

In my previous article I explain the use of AD sites, subnets. If you still not read it you can find it here.

In this article let’s look in to sites and subnet setup and configurations.

In demo I am using the following setup.

Server Name

Roles

Operating System

Site

Subnets

DC1.contoso.com

Primary Domain Controller

Windows server standard 2012 R2

Site A (HQ)

192.168.148.0/24

SRV1.contoso.com

Additional Domain Controller

Windows server standard 2012 R2

Site B (Branch Office)

10.10.10.0/24

In demo SRV1 server is located in Branch office which is located in different geographical location. It is connected to primary domain via 256kb link. Currently it is setup under default AD site.

In the demo I am going to create 2 sites called Site A and Site B. then assign the relevant servers to it along with the subnets.

To initiate the configuration we need to log in to the primary DC. The user account used for the configuration must be member of domain admin or enterprise admin security groups.

All the configurations will be done via “Active Directory Sites and Services” mmc.

To load it go to Server manager > Tools > Active Directory Sites and Services

s1

As we can see below, both servers are under default AD site.

s2

Create New Site  

1.    Right click on “Sites” and select “New Site”

s3

2.    It will open new window and here type the new Site name. Also we need to select the Site link for the site. In here I will use the default site link. Click “Ok” to create site.

s4

3.    Then it will give information windows and click ok to exit from window.

s5

4.    Then I follow same steps and create SiteB.

s6

Create Subnets

According to the table we need to create the subnets for each site and associate them.

1.    In Active Directory Sites and Services mmc right click on “Subnets” and click on New Subnet.

s7

2.    In next window type the subnet with the relevant prefix. Also under “select a site object for this prefix” option select the relevant site it should associate. Then click OK.

s8

3.    I did follow same steps and created the 10.10.10.0/24 subnet and assign it with siteB.

s9

Create Site Links

As per demo configuration I explain, Site A and Site B connected with 256kb link. We need to create new site link for it.

1.    In Active Directory Sites and Services mmc right click on “Inter-Site Transports > IP” and click on New Site Link.

s10

2.    Then in next windows, type a name for the link and select the sites which will communicate between each other and click add to move them to “Sites in this site link”

s11

s12

3.    Then click ok to create the link.
4.    The link will be created with the default values but we can optimize it with our requirement. In order to change settings right click on the link and select properties.

s13

5.    In here, the cost define the link bandwidth. You can find the cost in here https://technet.microsoft.com/en-us/library/cc782827%28v=ws.10%29.aspx according to Microsoft.

s14

6.    Also we can define when to replicate changes between sites. To change the schedule click on “Change Schedule” button.

s15

7.    In next window you can define the schedule. I have go ahead and did a custom schedule.

s16

8.    Click ok to apply the changes.

Move Domain controllers to sites

Now we have sites, subnets an site links setup. Now we need to move the domain controllers in to relevant sites.

1.    In Active Directory Sites and Services mmc go to “Default-First-Site-Name > Servers”. Then right click on the DC server you need to move and select option move.

s17

2.    In next window select the Site it should move to. According to demo I select SiteA and click ok.

s18

3.    Then we can see its move to relevant site.

s19

4.    I have followed same steps and move the SRV1 to SiteB.

s20

This completes the configuration of sites, subnets and site links. If you have any questions about the post feel free to contact me on rebeladm@live.com

Related posts
Cyber SecurityMicrosoft Entra IDMicrosoft Technologies

Microsoft Entra lifecycle workflows Part 02 - How to synchronize value for employeeHireDate attribute from on-premises Active Directory ?

In my previous blog post, I explained how we can automate JML (Joiners/Movers/Leavers) process by…
Read more
Azure servicesMicrosoft Entra IDMicrosoft Technologies

Step-by-Step Guide : Automate JML(Joiners/Movers/Leavers) process with Microsoft Entra lifecycle workflows

JML (Joiners/Movers/Leavers) process of an organization has a major impact on its security and…
Read more
Cyber SecurityMicrosoft DefenderMicrosoft Technologies

Microsoft Defender for Identity Part 02 – Create Directory Service Account

In Part 01 of Microsoft Defender for Identity blog series, I have explained about Microsoft Defender…
Read more
Newsletter
Become a Trendsetter

Sign up and get the best of RebelAdmin, tailored for you.

6 Comments

Leave a Reply

Your email address will not be published. Required fields are marked *