Connecting Sites with Site Links

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

To connect sites with site links, identify the member sites that you want to connect with the site link, create a site link object in the respective Inter-Site Transports container, and then name the site link. After you create the site link, you can proceed to set the site link properties.

When creating site links, ensure that every site is included in a site link. In addition, ensure that all sites are connected to each other through other site links so that the changes can be replicated from domain controllers in any site to all other sites. If you fail to do this, then the KCC generates an error message in the Directory Service log in Event Viewer stating that the site topology is not connected.

Whenever you add sites to a newly created site link, determine if the site being added is a member of other site links and change the site link membership of the site if needed. For example, if you make a site a member of the default-first-site-link when you initially create the site, be sure to remove the site from the default-first-site-link after you add the site to a new site link. If you do not remove the site from the default-first-site-link, the KCC will make routing decisions based on the membership of both site links, which may result in incorrect routing.

To identify the member sites that you want to connect with a site link, use the list of locations and linked locations that you recorded in the "Geographic Locations and Communication Links" worksheet. If multiple sites have the same connectivity and availability to each other, you can connect them with the same site link. For an example of a completed Geographic Locations and Communication Links worksheet, see "Listing Communication Links and Available Bandwidth" earlier in this chapter.

The Inter-Site Transports container provides the means for mapping site links to the transport that the link uses. When you create a site link object, you create it in either the IP container (which associates the site link with the remote call procedure [RPC] over IP transport) or the Simple Mail Transfer Protocol (SMTP) container (which associates the site link with the SMTP transport). When you create a site link object in the respective Inter-Site Transports container, Active Directory uses RPC over IP to transfer both intersite and intrasite replication between domain controllers. To keep data secure while in transit, RPC over IP replication uses both the Kerberos authentication protocol and data encryption.

When a direct IP connection is not available, you can configure replication between sites to use SMTP. However, SMTP replication functionality is limited and requires an enterprise certification authority (CA). SMTP can only replicate the configuration, schema, and application directory partitions, and does not support the replication of domain directory partitions.

To name site links, use a consistent naming scheme, such as name_of_site1-name_of_site2. Record the list of sites, linked sites, and the names of the site links connecting these sites in a worksheet.

For a worksheet to assist you in recording site names and associated site link names, see "Sites and Associated Site Links" (DSSTOPO_5.doc) on the Windows Server 2003 Deployment Kit companion CD (or see "Sites and Associated Site Links" on the Web at https://www.microsoft.com/reskit).

Figure 3.17 shows an example of a completed "Sites and Associated Site Links" worksheet.

Figure 3.17   Example of a Sites and Associated Site Links Worksheet