
What makes Active Directory (AD) a very powerful tool is the combination of two distinctly different structures it possesses: a logical structure and a physical structure. The logical structure consists of forests, domains, etc. The physical structure, on the other hand, is represented by the Domain Controllers (DCs), servers, physical subnets, etc. A Site is a logical means to represent the physical aspects of AD.

Sites

Active Directory Sites are the best solution for managing organizations that have branches in different geographical locations but fall under the same domain. Sites are physical groupings of well-connected IP subnets that are used to efficiently replicate information among Domain Controllers (DCs). A site topology can be thought of as a map that describes the best routes for carrying out replication in AD, thus making efficient use of the network bandwidth. Sites help to achieve cost-efficiency and speed. They also let one exercise better control over the replication traffic and the authentication process. When there is more than one DC in the associated site that is capable of handling client logon, services, and directory searches, sites let clients locate the closest DC to perform these actions. Sites also play a role in the deployment and targeting of Group Policies.

In AD, the information about the topology is stored as site link objects. By default, the Default-First-Site-Name site container is created for the forest. Until another site is created, all DCs are automatically assigned to this site.

Subnets

Within sites, subnets help in grouping neighboring computers based on their IP address. Every subnet is identified by a range of associated IP addresses, and a site is the aggregate of all its well-connected subnets. Subnets can be based on either TCP/IPv4 or TCP/IPv6 addresses.

Site Links

As the name implies, site links are used to establish links between sites, the default site link being called Default-First-Site-Link. They define the flow of the replication that takes place between sites. By configuring site link properties such as the site link schedule, replication cost and interval, intersite replication can be managed.

Sites and Replication

In AD, when a change is applied to a specific DC, all other DCs in the
domain are informed about the change and updated. This happens
through the process of replication.

Active Directory Sites and Services

Active Directory Sites and Services is an administrative tool that is used to manage sites and the related components. It comes with its own MMC snap-in. The following is a partial list of tasks that can be managed:

• Creating sites

• Creating subnets, and associating subnets with sites

• Creating site links

• Configuring site properties

• Moving servers between sites

Creating AD sites benefits you in several ways, the first of which is that creating these sites lets you control replication traffic over WAN links. This control is important in Windows 2012 because any Win2K domain controller (DC) can originate changes to AD. To ensure that a change you make on one DC propagates to all DCs, Win2K uses multimaster replication (instead of the single-master replication that NT 4.0 uses). You might think that multimaster replication would make it difficult to plan for AD replication’s effect on your WAN links, but you can overcome this obstacle using AD sites.

AD employs two types of replication: intra-site replication, which occurs between DCs that are members of the same site, and inter-site replication, which occurs between DCs at different sites. Intra-site replication requires high bandwidth because it’s based on change notification and because it initiates within 5 minutes of any change that occurs to a DC's local copy of the AD. With inter-site replication, bandwidth is limited because it occurs over WAN links. Inter-site replication is usually compressed to conserve bandwidth, and you can schedule it to occur during periods of low network utilization.

A site consists of one or more subnets (unique network segments). For example, in a network with three subnets in Redmond and two in Paris, the administrator can create two sites, one in Redmond and one in Paris, and add the subnets to the local sites.
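As an added example (not part of the original notes), the following PowerShell script carries out the Sites and Services tasks listed earlier for the Redmond/Paris layout just described: it creates the two sites, maps three Redmond subnets and two Paris subnets to them, builds an IP site link with an explicit cost, interval and replication schedule, and moves a DC out of Default-First-Site-Name into its real site. It assumes the ActiveDirectory PowerShell module (RSAT on Windows Server 2012 or later) and an account with rights on the Configuration partition; the subnet prefixes and the DC name DC-PARIS-01 are constructed placeholders.

```powershell
# Added example, not from the original notes. Assumes the ActiveDirectory
# module and rights on the Configuration partition. All names and prefixes
# below are constructed placeholders for the Redmond/Paris layout.
Import-Module ActiveDirectory

# 1. Create the two sites (Default-First-Site-Name already exists).
New-ADReplicationSite -Name "Redmond"
New-ADReplicationSite -Name "Paris"

# 2. Define subnets and associate each with its site. Subnet names are CIDR
#    prefixes; IPv6 prefixes are accepted in the same form. Any client or DC
#    on a subnet that is not mapped here is treated as belonging to
#    Default-First-Site-Name, so map every subnet that hosts either.
$subnets = @{
    "10.10.0.0/24" = "Redmond"
    "10.10.1.0/24" = "Redmond"
    "10.10.2.0/24" = "Redmond"
    "10.20.0.0/24" = "Paris"
    "10.20.1.0/24" = "Paris"
}
foreach ($prefix in $subnets.Keys) {
    New-ADReplicationSubnet -Name $prefix -Site $subnets[$prefix]
}

# 3. Create a site link over the IP (RPC over TCP/IP) transport with an
#    explicit cost and a 30-minute inter-site replication interval.
New-ADReplicationSiteLink -Name "Redmond-Paris" `
    -SitesIncluded "Redmond","Paris" `
    -InterSiteTransportProtocol IP `
    -Cost 100 `
    -ReplicationFrequencyInMinutes 30

# 4. Restrict inter-site replication on that link to a nightly window
#    (01:00-05:00 every day) so scheduled WAN replication stays out of
#    business hours. ActiveDirectorySchedule is the .NET type the
#    -ReplicationSchedule parameter expects.
$schedule = New-Object System.DirectoryServices.ActiveDirectory.ActiveDirectorySchedule
$schedule.ResetSchedule()
$schedule.SetDailySchedule(
    [System.DirectoryServices.ActiveDirectory.HourOfDay]::One,
    [System.DirectoryServices.ActiveDirectory.MinuteOfHour]::Zero,
    [System.DirectoryServices.ActiveDirectory.HourOfDay]::Five,
    [System.DirectoryServices.ActiveDirectory.MinuteOfHour]::Zero)
Set-ADReplicationSiteLink -Identity "Redmond-Paris" -ReplicationSchedule $schedule

# 5. Move a DC that was auto-assigned to the default site into its real site.
Move-ADDirectoryServer -Identity "DC-PARIS-01" -Site "Paris"

# 6. Review the result: each DC should sit in the site matching its subnet,
#    and Default-First-Site-Link should no longer be the only inter-site path.
Get-ADDomainController -Filter * | Select-Object Name, Site, IPv4Address
Get-ADReplicationSiteLink -Filter * |
    Select-Object Name, Cost, ReplicationFrequencyInMinutes, SitesIncluded
```

The interval and schedule apply only to inter-site replication over this link; replication between DCs inside Redmond or inside Paris stays change-based and unscheduled, as the notes describe.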

The Active Directory uses site information in these ways:

• The KCC generates a replication topology that is more strongly connected within a site than between sites (this adds some traffic but reduces intra-site replication latency).

• AD does not compress intra-site replication messages (this adds some traffic but reduces CPU utilization on DCs).

• Intra-site DC replication is change-based; inter-site DC replication is scheduled.

• Client machines use site information to find nearby DCs for logon operations.

• The Active Directory uses site information to help users find the closest machine that offers a needed network or third-party service.

Intra-Site Replication

Intra-site replication (between domain controllers in the same site) attempts to complete in the fewest CPU cycles possible. Because domain controllers should be able to serve clients quickly for logons, searches, etc., the network connection between them is assumed to have plenty of available bandwidth and a reliable connection.

Replication Transports

While intra-site replication supports only replication based on remote procedure calls (RPCs), the initial release of Windows 2000 offers two transports for inter-site replication:

• Synchronous (scheduled) via RPC over TCP/IP

• Asynchronous via simple mail transfer protocol (SMTP)

The intra-site RPC transport does not support data compression; the
inter-site transports, both RPC and SMTP, do.

KCC

The KCC is a built-in process that runs on all domain controllers and
generates replication topology for the Active Directory forest. The KCC
creates separate replication topologies depending on whether replication is
occurring within a site (intrasite) or between sites (intersite). The KCC also
dynamically adjusts the topology to accommodate the addition of new
domain controllers, the removal of existing domain controllers, the
movement of domain controllers to and from sites, changing costs and
schedules, and domain controllers that are temporarily unavailable or in an
error state.
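Because the KCC builds and rebuilds the topology on its own, the practical question for an administrator is how to see what it produced and whether replication is actually succeeding. The following PowerShell session is an added example (not part of the original notes) that lists the connection objects the KCC generated, flags any that were created by hand, reads per-partner replication metadata, shows the bridgehead servers chosen for inter-site traffic, and checks which site a client resolved itself into. It assumes the ActiveDirectory module and the repadmin and nltest tools from RSAT; DC-PARIS-01 is a placeholder name.

```powershell
# Added example, not from the original notes. Assumes the ActiveDirectory
# module plus repadmin and nltest (RSAT). The DC name is a placeholder.
Import-Module ActiveDirectory

$dc = "DC-PARIS-01"   # placeholder

# Connection objects across the forest. AutoGenerated = True marks those the
# KCC built and will keep adjusting; a connection with AutoGenerated = False
# was created by hand, is never removed by the KCC, and should be accounted
# for, since it is a permanent replication path someone chose to add.
$connections = Get-ADReplicationConnection -Filter * |
    Select-Object Name, ReplicateFromDirectoryServer, ReplicateToDirectoryServer, AutoGenerated
$connections | Format-Table -AutoSize
$manual = $connections | Where-Object { -not $_.AutoGenerated }
"Manually created connection objects: $($manual.Count)"

# Per-partner, per-partition replication state for one DC. A rising
# ConsecutiveReplicationFailures on an inter-site partner usually points at a
# site link whose schedule, cost or transport the KCC can no longer honour.
Get-ADReplicationPartnerMetadata -Target $dc -Scope Server -PartnerType Both |
    Select-Object Partition, Partner, LastReplicationAttempt,
                  LastReplicationSuccess, ConsecutiveReplicationFailures |
    Format-Table -AutoSize

# Which DCs the KCC selected as bridgehead servers for inter-site replication.
repadmin /bridgeheads

# Ask the KCC on this DC to recompute its topology now (it otherwise runs on
# its own interval), then summarise replication health across the forest.
repadmin /kcc $dc
repadmin /replsummary

# On a client or member server: which site did it resolve into? An unexpected
# answer (typically Default-First-Site-Name) means its subnet is not mapped
# to a site, so it may be authenticating against a distant DC.
nltest /dsgetsite
```

Reviewing the AutoGenerated flag and the replication metadata periodically is a cheap way to notice topology changes that were not made through the normal Sites and Services process.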

Site link

Site links are Active Directory objects that represent logical paths that the
KCC uses to establish a connection for Active Directory replication. A site
link object represents a set of sites that can communicate at uniform cost
through a specified intersite transport.

All sites contained within the site link are considered to be connected by
means of the same network type. Sites must be manually linked to other
sites by using site links so that domain controllers in one site can replicate
directory changes from domain controllers in another site. Because site
links do not correspond to the actual path taken by network packets on the
physical network during replication, you do not need to create redundant
site links to improve Active Directory replication efficiency.

When two sites are connected by a site link, the replication system automatically creates connections between specific domain controllers in each site that are called bridgehead servers.

Site link bridge

A site link bridge is an Active Directory object that represents a set of site
links, all of whose sites can communicate by using a common transport.
Site link bridges enable domain controllers that are not directly connected
by means of a communication link to replicate with each other. Typically, a
site link bridge corresponds to a router (or a set of routers) on an IP
network.

By default, the KCC can form a transitive route through any and all site links
that have some sites in common. If this behavior is disabled, each site link
represents its own distinct and isolated network. Sets of site links that can
be treated as a single route are expressed through a site link bridge. Each
bridge represents an isolated communication environment for network
traffic.

Site link bridges are a mechanism to logically represent transitive physical connectivity between sites. A site link bridge allows the KCC to use any combination of the included site links to determine the least expensive route to interconnect directory partitions held in those sites. The site link bridge does not provide actual connectivity to the domain controllers. If the site link bridge is removed, replication over the combined site links will continue until the KCC removes the links.
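The two behaviours described above, the default where the KCC bridges all site links transitively and the alternative where each site link is isolated unless an explicit bridge includes it, are controlled by a single setting on the IP inter-site transport object. The following PowerShell script is an added example (not part of the original notes) that reads that setting, disables automatic bridging, and defines an explicit bridge so that Redmond can reach a third site, London, via Paris. It assumes the ActiveDirectory module, that the Redmond and Paris sites and the Redmond-Paris site link already exist, and that bit 0x2 of the transport object's options attribute means "bridges required"; the London site, the Paris-London link and the bridge name are constructed placeholders.

```powershell
# Added example, not from the original notes. Assumes the ActiveDirectory
# module, an existing Redmond-Paris site link, and that bit 0x2 of the IP
# transport's options attribute is the "bridges required" flag. Names below
# are placeholders.
Import-Module ActiveDirectory

# The "bridge all site links" behaviour is stored on the IP inter-site
# transport object in the Configuration partition: options bit 0x2 set
# means automatic bridging is OFF and explicit bridges are required.
$configNC    = (Get-ADRootDSE).configurationNamingContext
$ipTransport = Get-ADObject -Identity "CN=IP,CN=Inter-Site Transports,CN=Sites,$configNC" -Properties options
$opts        = if ($ipTransport.options) { [int]$ipTransport.options } else { 0 }
$bridgingDisabled = ($opts -band 0x2) -ne 0

if ($bridgingDisabled) {
    "Bridge all site links is OFF: each site link is an isolated network unless a bridge includes it."
} else {
    "Bridge all site links is ON: the KCC may route transitively through any site links that share a site."
}

# Switch automatic bridging off so the real WAN routing between sites can be
# modelled explicitly. Only appropriate when the network is not fully routed;
# once set, every pair of sites without a direct link needs a bridge.
if (-not $bridgingDisabled) {
    Set-ADObject -Identity $ipTransport -Replace @{ options = ($opts -bor 0x2) }
}

# Add a third site and the site link that reflects its actual WAN connection.
New-ADReplicationSite -Name "London"
New-ADReplicationSiteLink -Name "Paris-London" `
    -SitesIncluded "Paris","London" `
    -InterSiteTransportProtocol IP `
    -Cost 200 `
    -ReplicationFrequencyInMinutes 60

# A bridge groups the two links so the KCC may compute a transitive route
# Redmond -> Paris -> London (cost 100 + 200). It adds no connectivity of
# its own; the underlying links must already carry traffic.
New-ADReplicationSiteLinkBridge -Name "Redmond-Paris-London" `
    -SiteLinksIncluded "Redmond-Paris","Paris-London"

# Review the bridges now defined for the IP transport.
Get-ADReplicationSiteLinkBridge -Filter * | Select-Object Name, SiteLinksIncluded
```

With automatic bridging left at its default, the bridge object is unnecessary because the KCC already treats Redmond-Paris and Paris-London as transitive through their shared Paris site; the explicit bridge matters only once the transport's bridging flag is set.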
