In my previous article I explained the use of AD sites and subnets. If you have not read it yet, you can find it here.
In this article let’s look into site and subnet setup and configuration.
In the demo I am using the following setup.
| Server Name | Roles | Operating System | Site | Subnets |
|---|---|---|---|---|
| DC1.contoso.com | Primary Domain Controller | Windows Server 2012 R2 Standard | Site A (HQ) | 192.168.148.0/24 |
| SRV1.contoso.com | Additional Domain Controller | Windows Server 2012 R2 Standard | Site B (Branch Office) | 10.10.10.0/24 |
In the demo, the SRV1 server is located in the branch office, which is in a different geographical location. It is connected to the primary domain via a 256kb link. Currently it is set up under the default AD site.
In the demo I am going to create 2 sites called Site A and Site B, then assign the relevant servers and subnets to them.
To start the configuration we need to log in to the primary DC. The user account used for the configuration must be a member of the Domain Admins or Enterprise Admins security group.
All the configuration will be done via the “Active Directory Sites and Services” MMC.
To load it, go to Server Manager > Tools > Active Directory Sites and Services.
As we can see below, both servers are under the default AD site.
Create New Site
1. Right click on “Sites” and select “New Site”.
2. A new window opens; type the new site name here. We also need to select the site link for the site. Here I will use the default site link. Click “OK” to create the site.
3. An information window then appears; click OK to close it.
4. Then I followed the same steps and created SiteB.
Create Subnets
According to the table, we need to create the subnets for each site and associate them.
1. In the Active Directory Sites and Services MMC, right click on “Subnets” and click on New Subnet.
2. In the next window, type the subnet with the relevant prefix. Under the “select a site object for this prefix” option, select the site it should be associated with. Then click OK.
3. I followed the same steps to create the 10.10.10.0/24 subnet and assigned it to SiteB.
Create Site Links
As I explained in the demo configuration, Site A and Site B are connected with a 256kb link. We need to create a new site link for it.
1. In the Active Directory Sites and Services MMC, right click on “Inter-Site Transports > IP” and click on New Site Link.
2. In the next window, type a name for the link, select the sites which will communicate with each other, and click Add to move them to “Sites in this site link”.
3. Then click OK to create the link.
4. The link will be created with the default values, but we can tune it to our requirements. To change the settings, right click on the link and select Properties.
5. Here, the cost represents the link bandwidth. Microsoft publishes the cost values at https://technet.microsoft.com/en-us/library/cc782827%28v=ws.10%29.aspx.
6. We can also define when changes replicate between sites. To change the schedule, click on the “Change Schedule” button.
7. In the next window you can define the schedule. I went ahead and set a custom schedule.
8. Click OK to apply the changes.
Move Domain controllers to sites
Now we have sites, subnets and site links set up. Next we need to move the domain controllers into the relevant sites.
1. In the Active Directory Sites and Services MMC, go to “Default-First-Site-Name > Servers”. Then right click on the DC server you need to move and select the Move option.
2. In the next window, select the site it should move to. According to the demo, I select SiteA and click OK.
3. Then we can see it has moved to the relevant site.
4. I followed the same steps and moved SRV1 to SiteB.
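The same configuration can be scripted with the ActiveDirectory PowerShell module and then verified from the command line. This is an added example, not part of the original article: the link name `SiteA-SiteB`, the cost of 425 and the 180-minute interval are assumptions, and the custom replication schedule set in the GUI is not covered.

```powershell
# Added example. Site names, subnets and DC names mirror the demo table;
# the link name, cost and interval are assumptions, not values from the article.
Import-Module ActiveDirectory

$sites = [ordered]@{                 # site name -> subnet prefix (demo table)
    'SiteA' = '192.168.148.0/24'
    'SiteB' = '10.10.10.0/24'
}
$dcPlacement = @{ 'DC1' = 'SiteA'; 'SRV1' = 'SiteB' }
$linkName    = 'SiteA-SiteB'         # hypothetical link name
$linkCost    = 425                   # assumed cost for a 256 kbps link; confirm in the Microsoft table
$intervalMin = 180                   # assumed replication interval, in minutes

# 1. Create each site and its subnet, skipping objects that already exist
#    so the script can be re-run safely.
foreach ($name in $sites.Keys) {
    if (-not (Get-ADReplicationSite -Filter "Name -eq '$name'")) {
        New-ADReplicationSite -Name $name
    }
    $prefix = $sites[$name]
    if (-not (Get-ADReplicationSubnet -Filter "Name -eq '$prefix'")) {
        New-ADReplicationSubnet -Name $prefix -Site $name
    }
}

# 2. Create the IP site link that joins both sites.
if (-not (Get-ADReplicationSiteLink -Filter "Name -eq '$linkName'")) {
    New-ADReplicationSiteLink -Name $linkName -SitesIncluded 'SiteA', 'SiteB' `
        -Cost $linkCost -ReplicationFrequencyInMinutes $intervalMin `
        -InterSiteTransportProtocol IP
}

# 3. Move each domain controller out of Default-First-Site-Name.
foreach ($dc in $dcPlacement.Keys) {
    Move-ADDirectoryServer -Identity $dc -Site $dcPlacement[$dc]
}

# 4. Verify the result: every DC should report its intended site, every
#    subnet should be bound to a site, and the link should list both sites.
Get-ADDomainController -Filter * | Select-Object Name, Site, IPv4Address
Get-ADReplicationSubnet -Filter * | Select-Object Name, Site
Get-ADReplicationSiteLink -Filter * |
    Select-Object Name, Cost, ReplicationFrequencyInMinutes, SitesIncluded
```

A subnet that shows an empty `Site` value in the verification output means clients in that range cannot be mapped to a site and may authenticate against a domain controller across the slow link.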
This completes the configuration of sites, subnets and site links. If you have any questions about the post, feel free to contact me at rebeladm@live.com
First of all, thanks for this article.
I'm trying to set up a lab where I have a primary DC completely installed. I even created sites, subnets and links; basically I did pretty much everything that's stated here.
But I'm having a problem installing ADDS on the second domain controller, since it is on a different subnet from the primary domain controller. When I get to the page "Deployment Configuration" and select "Add a domain controller to an existing domain" I get this error message saying "A domain controller for the domain "XYZ.com" could not be contacted". And I can't pass this step.
What do I have to do in order to be able to contact the primary domain controller, since they're not on the same subnet?
Thanks in advance for your help.
This sounds more like a networking issue. Can the sites and the primary talk to each other? Do you get ping replies?
I have the same issue as Andre. I have set up a site-to-site VPN link and added the primary DNS server IP to the secondary server's adapter settings. It resolves websites, but when I try to install a copy of the DNS zone on the new server, it fails to authenticate, and so does the Active Directory wizard when promoting the secondary server.
Hi! Thanks for this article. Can you give me advice on setting up a 3-site Active Directory? Currently we have AD at HQ, ad.company.com. What setup would you suggest as best: a single forest, or a child AD domain at the 2 branches?
Thanks!
Hi Dishan,
Thanks for your very detailed document about how to set up ACTIVE DIRECTORY SITES, SUBNETS, SITE-LINKS. http://www.rebeladmin.com/2015/02/how-to-setup-active-directory-sites-subnets-site-links/
We are a small company with one main office, which has different subnets under one domain, and recently we added a few remote office sites. So, as your doc describes, we created sites in AD, but what we found is that Group Policy only works in the main site and does not work under the new site; all the group policies apply under the default domain name.
In the main office we have 3 2008 domain controllers. We recently added two Windows 2012 servers to join the domain, but have not raised the forest function. On the USIL1 site we added two Windows 2012 domain controllers (point to point to the main office), and we added another site, Richmond, which has a Windows 2012 domain controller.
And the AD pass-through is not working on the remote site. This remote site has a point-to-point link with no firewall.
Frank
We called Microsoft support, and they said it is a network issue. Reading your link, I found it a little different from ours. Could that be the issue?
Is it possible to put multiple subnets on a site?