In contrast to the logical structure, which is used for administrative tasks, the Active Directory physical structure determines when and where logon and replication traffic occurs. The physical structure of Active Directory covers the physical subnets present in your network, the domain controllers, and replication between domain controllers.
The physical structure of Active Directory:
- Domain Controllers: These computers run Microsoft Windows Server 2003/2000 and Active Directory. Every domain controller performs specific functions such as replication, storage and authentication. A domain controller can support at most one domain. It is always advisable to have more than one domain controller in each domain.
- Active Directory Sites: A site is a collection of well-connected computers. One reason for creating a site is that domain controllers can communicate frequently within it. This minimizes latency within the site, that is, the time taken for changes made on one domain controller to be replicated to the other domain controllers. The other reason for creating a site is to optimize bandwidth between domain controllers that are in different locations.
A site is the set of IP subnets that share common Local Area Network (LAN) connectivity, regardless of the actual physical location of the computers.
Let’s take an example: a site has subnets 192.168.5.A and 192.168.50.A, where the 192.168.5.A computer is located in Texas and the 192.168.50.A computer is located in London. In this case the physical location of the two computers is not known to the user. Because of the proper bandwidth between the two, they are able to work, and computers can be configured, within the same Active Directory site.
Before creating a new site, an administrator should consider a few things: proper bandwidth, the cost of the available bandwidth, and the replication traffic expected.
- Active Directory Partitions: Each domain controller contains the following Active Directory partitions:
  - The Domain Partition contains a copy of all the objects in that domain. The Domain Partition replicates only to other domain controllers in the same domain.
  - The Schema Partition is forest-wide. Every forest has one schema with consistent object classes. The Schema and Configuration partitions take part in replication and are replicated to all domain controllers in a forest.
  - The Application Partition, which is optional, carries objects that are not related to security and can be used by one or more applications. The Application Partition replicates to specific domain controllers in the forest.
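
The site example above, as an added sketch that is not part of the original article: a client's site follows from the subnet its IP address falls in, not from geography, and when subnets overlap the most specific one decides. The site names, the /24 masks and the 10.x subnets are assumptions made for illustration.

```python
import ipaddress

# Constructed site/subnet table (assumption): the two subnets from the
# article's example are taken as /24s assigned to one site; the 10.0.0.0/8
# and 10.20.0.0/16 entries are invented to show overlapping subnets.
SITE_SUBNETS = {
    "192.168.5.0/24": "Site-A",
    "192.168.50.0/24": "Site-A",
    "10.0.0.0/8": "Site-HQ",
    "10.20.0.0/16": "Site-Branch",
}


def build_table(site_subnets):
    """Parse the CIDR strings once; strict=True rejects entries with host bits set."""
    return [(ipaddress.ip_network(cidr, strict=True), site)
            for cidr, site in site_subnets.items()]


def site_for(ip, table):
    """Return the site of the most specific subnet containing ip, else None."""
    addr = ipaddress.ip_address(ip)
    matches = [(net, site) for net, site in table
               if net.version == addr.version and addr in net]
    if not matches:
        return None
    return max(matches, key=lambda m: m[0].prefixlen)[1]


def audit_clients(clients, table):
    """Group client IPs by site and collect the IPs that match no subnet."""
    by_site, unmapped = {}, []
    for ip in clients:
        site = site_for(ip, table)
        if site is None:
            unmapped.append(ip)
        else:
            by_site.setdefault(site, []).append(ip)
    return by_site, unmapped


if __name__ == "__main__":
    table = build_table(SITE_SUBNETS)
    # Constructed client addresses, one of them outside every defined subnet.
    clients = ["192.168.5.17", "192.168.50.9", "10.20.3.4", "10.9.9.9", "172.16.1.1"]
    by_site, unmapped = audit_clients(clients, table)
    for site, ips in sorted(by_site.items()):
        print(f"{site}: {', '.join(ips)}")
    print("no subnet defined (review site/subnet coverage):", unmapped)
```

Addresses reported as unmapped belong to no site, so they are the ones to review when checking that logon traffic stays on the intended domain controllers.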