[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 355
  • Last Modified:

Adding new subnet to organisation

Hi

We are running Windows 2003 Active directory.

We have 4 subnets, each subnet is a site in AD and has a DC.

We are going to add a new subnet to one of the sites....this subnet won't have a DC, it will be used for app servers only. Do we still need to add it to AD sites and services?
0
kam_uk
Asked:
kam_uk
3 Solutions
 
Lee W, MVPTechnology and Business Process AdvisorCommented:
I don't know how practical it is to create one site per subnet... to me, a site is a physical location, not a network subnet.

That said, I would add the subnet to the site that you want it to primarily authenticate with.
0
 
fishadrCommented:
As leew says sites and subnets are physical structures that help map the physical network structure, to facilitate network communications and to set physical boundaries around network resources.

A site is a group of computers in one or more IP subnets. You use sites to map the physical structure of your network. Sites mappings are independent from logical domain structures, and because of this there's no necessary relationship between a network's physical structure and its logical domain structure. With Active Directory, you can create multiple sites within a single domain or create a single site that serves multiple domains. There is also no connection between the IP address ranges used by a site and the domain namespace.

Computers are assigned to sites based on their location in a subnet or a set of subnets. If computers in subnets can communicate efficiently with each other over the network, they're said to be well connected. Ideally, sites consist of subnets and computers that are all well connected.

When clients log on to a domain, the authentication process first searches for domain controllers that are in the same site as the client. This means local domain controllers are used first, if possible, which localizes network traffic and can speed up the authentication process.

It probably wont make much difference adding the subnet to AD at this moment in time but it is good practice and should be done.

More information can be viewed here:
http://technet.microsoft.com/en-us/library/bb726976.aspx

0
 
AmericomCommented:
To answer your question, it is not required to add and define your new physical subnet to the AD DS. If you don't you could and very likely would have problem such as slow response or performance for your domain client and possibly getting NETLOGON Event ID 5807 error etc. Therefore you should add and define your newly added subnet to one of the existing site in AD.
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Tackle projects and never again get stuck behind a technical roadblock.
Join Now