Active Directory Sites and Services

In this post, I am going to share how I configured AD Sites and Services. In our scenario, we have 2 sites and 5 Domain Controllers.

We need to configure the Primary and Secondary DNS addresses on Domain Controllers correctly, but this issue has been argued even by Microsoft engineers for years. If you do a Google search on this subject right now, you will find conflicting statements. I have read many different articles on it and figured out that we need to follow some rules.

1. If a DC is hosting DNS, it should point to itself at least somewhere in its client list of DNS servers, because including its own IP address in the list improves performance and increases availability of DNS servers. However, its own IP address must not be used as the Primary DNS, to avoid DNS islanding. If the loopback IP address is the first entry in the list of DNS servers, Active Directory might be unable to find its replication partners. Therefore, the Primary DNS should be another DC's IP address.

2. DCs should have at least 2 DNS entries.

3. DCs in a Site should point to each other within a given site

 

In the end, I decided to structure my DNS entries as below. Make sure you also run the Best Practices Analyzer on your server, which can be run via Server Manager/DNS.

 

Site A

Server1

IP: 10.50.132.10

Primary DNS: 10.50.132.11

Secondary DNS: 10.50.132.10

Server2

IP: 10.50.132.11

Primary DNS: 10.50.132.10

Secondary DNS: 10.50.132.11

 

Site B

Server3

IP: 192.168.1.10

Primary DNS: 192.168.1.221

Secondary DNS: 192.168.1.10

Server4

IP: 192.168.1.221

Primary DNS: 192.168.1.220

Secondary DNS: 192.168.1.221

Server5

IP: 192.168.1.220

Primary DNS: 192.168.1.10

Secondary DNS: 192.168.1.220
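
A check of the plan above against the three rules, as an added example that is not part of the original post. The function names and the dictionary layout are assumptions made for illustration; the addresses are the ones listed above.

```python
"""Check a DC DNS-client plan against the three rules in this post."""
import ipaddress

# The plan from this post: site -> {server: (own IP, [DNS servers in order])}
PLAN = {
    "Site A": {
        "Server1": ("10.50.132.10", ["10.50.132.11", "10.50.132.10"]),
        "Server2": ("10.50.132.11", ["10.50.132.10", "10.50.132.11"]),
    },
    "Site B": {
        "Server3": ("192.168.1.10", ["192.168.1.221", "192.168.1.10"]),
        "Server4": ("192.168.1.221", ["192.168.1.220", "192.168.1.221"]),
        "Server5": ("192.168.1.220", ["192.168.1.10", "192.168.1.220"]),
    },
}


def is_self(addr, own_ip):
    """True if addr is the DC's own address or a loopback address."""
    ip = ipaddress.ip_address(addr)
    return ip.is_loopback or ip == ipaddress.ip_address(own_ip)


def check_plan(plan):
    """Return a sorted list of (server, finding) for every rule violation."""
    findings = []
    for site, servers in plan.items():
        site_ips = {ipaddress.ip_address(ip) for ip, _ in servers.values()}
        for name, (own_ip, dns) in servers.items():
            # Rule 2: at least two DNS entries.
            if len(dns) < 2:
                findings.append((name, "fewer than 2 DNS entries"))
            # Rule 1: the DC lists itself, but never as the first entry.
            if dns and is_self(dns[0], own_ip):
                findings.append((name, "primary DNS is the DC itself (islanding risk)"))
            if not any(is_self(a, own_ip) for a in dns):
                findings.append((name, "own address missing from DNS list"))
            # Rule 3: every non-loopback entry is a DC in the same site.
            for a in dns:
                ip = ipaddress.ip_address(a)
                if not ip.is_loopback and ip not in site_ips:
                    findings.append((name, f"{a} is not a DC in {site}"))
    return sorted(findings)


if __name__ == "__main__":
    for server, finding in check_plan(PLAN) or [("plan", "no rule violations")]:
        print(f"{server}: {finding}")
```

The plan from this post produces no findings; a DC that lists only 127.0.0.1 is reported for both the entry count and the islanding risk.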

 

DHCP Server Config:

On the DHCP Server, we should set the Scope option for DNS correctly. Site A's DHCP Server must point to Server1 and Server2, and Site B's DHCP Server must point to Server3, Server4 and Server5.

 

Now we can create our sites.

1. Open Active Directory Sites and Services, right-click Sites and select "New Site".

2. Give a name to the site, select DEFAULTIPSITELINK and click OK.

Repeat steps 1 and 2 for each site you want to create.

 

Now we should add subnets.

3. Right-click Subnets, select "New Subnet", then enter an address prefix such as 10.50.0.0/16. Then select the site object for this subnet.

Repeat step 3 for each subnet you need to add.

 

 

Creating Site Links

1. Right-click Inter-Site Transports > IP and then click New Site Link. Enter a name for the link, select SiteA and SiteB, and click Add.

 

Replication Interval

You can change the replication interval between sites. Select Inter-Site Transports > IP, then right-click the Site Link you just created.

"Replicate every X minutes" defines how often the sites replicate with each other.

 

Move Domain Controllers to their Sites

Right-click the servers and move them to their sites.