In this chapter, you will learn all about the functions of forests and domains in the Windows Server 2008 Active Directory infrastructure, and we will walk you through the steps of creating a forest and domain structure for a network. Site and subnet information is also used by Active Directory-enabled services to help clients find the nearest service providers. Sites are used for replication and for optimizing the authentication process by reducing authentication traffic across slow, high-cost WAN links.
Sites are important in an enterprise-level multiple location network, for creating a topology that optimizes the process of replicating Active Directory information between domain controllers (DCs). Active Directory sites and subnets define the physical structure of an Active Directory network. In order to allow Active Directory to support the physical structure of your network, we will also discuss the configuration of Active Directory sites, site links, and subnet objects. Forests are collections of domain trees that have trust relationships with one another, but each domain tree has its own separate namespace. Domains are logical units that hold users, groups, computers, and organizational units (OUs, which in turn can contain users, groups, computers, and other OUs). Forests and domains define the logical structure of the network, with domains organized into domain trees in which subdomains (called child domains) can be created under parent domains in a branching structure. Tony Piltzecker, Brien Posey, in The Best Damn Windows Server 2008 Book Period (Second Edition), 2008 IntroductionĪ Microsoft Active Directory network has both a physical and a logical structure.