The physical structure of Active Directory relates to two main types of objects – sites and domain controllers.
Sites
Unlike NT 4, Windows 2000 Active Directory provides for the concept of physical locations within its design. In Active Directory, a site is a collection of TCP/IP subnets connected at high speed. Though ‘high-speed’ is relative, usually it refers to a collection of subnets connected at LAN-type speeds. You define sites in Active Directory to control replication, authentication, and the location of services. Once sites have been defined, a client computer will attempt to authenticate to a domain controller that is part of the same site, instead of sending the request over the WAN.
Sites also allow you to control when replication can occur between domain controllers. For example, in NT 4, all BDCs replicated with their PDC using a 5-minute interval change notification process. Since there wasn’t any easy way to control replication between physical locations (it was possible by batch scripting to the registry), replication traffic often saturated links and degraded performance. Once you have defined sites in Active Directory, you can also specify the times and days at which replication between sites can occur, how often during these times, and the preferred path that replication should follow. You should note, however, that only one site exists by default, and until you define more sites, replication will continue to occur on the same old 5-minute change notification interval. It is also important to note that sites are another element that allow large companies to have only a single domain – since there is no correlation between the logical and physical structures of Active Directory, you could have one domain and hundred of sites. The ability to control replication traffic is a big part of what makes this more manageable than in the past.
