An efficient site design allows users to authenticate against a domain controller close to their computer, and allows applications to use Global Catalog servers in the same site as the application. When determining where you should create sites, map out the current network infrastructure to identify the well-connected networks and the WAN links that connect them. Once the network has been mapped, the initial site structure can be designed based on the network connections.
After determining where you need to control replication and application access to Global Catalog servers, you can create the site links that connect the sites. Site links allow domain controllers in two sites to replicate based on a scheduled time. Large amounts of replication traffic will be compressed to make the transmission of data as efficient as possible. Site link bridging, which is enabled by default, makes the site links transitive in nature and allows the replication traffic to pass through sites that do not have direct connections to each other.
You should consider domain controller specifications and make sure that the domain controllers you plan to use will support the number of users that you need to authenticate. Once you have chosen your domain controllers, you should place them close to the users who need to authenticate so that they will not have to pass the authentication request across a WAN link. Otherwise, if the WAN link were to fail, the users would not be able to access their network resources.
Global Catalog server placement should also be taken into consideration. Applications such as Exchange Server 2003 require a Global Catalog server, so you should have one in the same site as the server. Users request universal group membership from a Global Catalog server when they log on. Sites where users perform many queries against the Global Catalog server should also have one located within the site.
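One way to check an existing deployment against these placement guidelines is shown below. It is an added example, not taken from the original text, and it assumes the ActiveDirectory PowerShell module from later Windows Server releases (RSAT) and an account with read access to the forest.

```powershell
# Added example: report, for every Active Directory site, how many domain
# controllers and Global Catalog servers are located in it.
Import-Module ActiveDirectory

# Collect the domain controllers of every domain in the forest, because a
# site can host domain controllers from more than one domain.
$dcs = foreach ($domain in (Get-ADForest).Domains) {
    Get-ADDomainController -Filter * -Server $domain
}

$report = foreach ($site in Get-ADReplicationSite -Filter *) {
    # Domain controllers whose Site attribute matches this site.
    $siteDcs = @($dcs | Where-Object { $_.Site -eq $site.Name })
    # The subset of those that also hold the Global Catalog role.
    $siteGcs = @($siteDcs | Where-Object { $_.IsGlobalCatalog })

    [pscustomobject]@{
        Site              = $site.Name
        DomainControllers = $siteDcs.Count
        GlobalCatalogs    = $siteGcs.Count
        Finding           = if ($siteDcs.Count -eq 0) {
                                'No DC: authentication crosses a WAN link'
                            } elseif ($siteGcs.Count -eq 0) {
                                'No GC: universal group lookups leave the site'
                            } else {
                                'OK'
                            }
    }
}

# Sites with a finding other than OK are the ones to review.
$report | Sort-Object Site | Format-Table -AutoSize
```

A site reported without a Global Catalog is not necessarily a design error; compare it against where Global Catalog-dependent applications and heavy query loads are actually located.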
In the next chapter, we are going to discuss network access and determine the required types of network access for all of the different users that will be using our network when accessing Active Directory resources. This will include local users and remote access users. We will also discuss placement of specialized servers such as routers, remote access servers, and servers that will be placed in perimeter networks.