Active Directory Sites & Subnet Object

Hi Group Members,

I have Created Single Forest and Multiple Domains

Example :     - Root DC                       IP :            MASK :  - 1st Child Domain       IP :            MASK :  - 2nd Child Domain       IP :           MASK :

Checked that all servers are successfully pinging each other and also replication is working normally

But i have seen in some learning video that the Trainer First Create a "New Site" on Root DC Then Added a "Subnet Object" then he installed other Child DC's etc (AD installation and Joined as Child Domain)

Now Pls tell me Why he Created these Sties ? Is this important Step to create site first then joined Child DC after ?

What is the importance of subnet object in Active Directory Sites and Services ?

On my Above mentioned scenario can  i create subnet object and or add sites after joining the child domains ?

pls help me

Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Neil RussellTechnical Development LeadCommented:
In terms of Sites & Services Subnets relate to Sites IN THE DOMAIN. I would never consider defining subnets that are in fact in use by a child domain.
Maybe somebody differs but would be a new one on me.
SandeshdubeySenior Server EngineerCommented:
Having all of your subnets in Active Directory is important because a client that attempts to log on from a subnet that is not associated with any site may authenticate with any domain controller in the domain. This can result in the logon process taking longer to complete. Unfortunately, Microsoft has not provided an easy way to rectify this problem.

Under Windows 2000,the only source of missing subnet information is the System event 5778. The
The only way to dynamically determine missing subnets is to query each domain controller for 5778 events and map the IP addresses specified within the events to a subnet you add to the site topology.

With Windows Server 2003, things are not that much better. One of the issues with the 5778 events under Windows 2000 is that they can easily fill up your System event log if you have many missing subnets. In Windows 2003, Microsoft decided to instead display a summary event 5807 that states that some number of connection attempts have been made by clients that did not map to a subnet in the site topology.

Instead of scraping the event logs on every domain controller, you can look at the %SystemRoot%\debug\netlogon.log file on each domain controller and parse out all of the NO_CLIENT_SITE enTRies. This is still far from an easy process, but at least the event logs are no longer cluttered with 5778 events.
Here is an example of some of the NO_CLIENT_SITE enTRies from the netlogon.log file:

You can create the Sites and Subnets before DC promotion or you can do the same later once the DC is promoted.

Also make all the DC as GC(Global Catlog):

Refer this KB for sites and subnet creation:


Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
infoplateformAuthor Commented:
Thanks For Your Comments
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Active Directory

From novice to tech pro — start learning today.