Your company has a main office and a branch office.
The main office contains two domain controllers.
You create an Active Directory site named BranchOfficeSite.
You deploy a domain controller in the branch office, and then add the domain controller to the BranchOfficeSite site.
You discover that users in the branch office are randomly authenticated by either the domain controller in the branch office or the domain controllers in the main office.
You need to ensure that the users in the branch office always attempt to authenticate to the domain controller in the branch office first.
What should you do?
A. Create organizational units (OUs).
B. Create Active Directory subnet objects.
C. Modify the slow link detection threshold.
D. Modify the Location attribute of the computer objects.
Correct Answer: B
Explanation/Reference:
http://technet.microsoft.com/en-us/library/cc754697.aspx
Understanding Sites, Subnets, and Site Links
Sites overview
Sites in AD DS represent the physical structure, or topology, of your network. AD DS uses network topology information, which is stored in the directory as site, subnet, and site link objects, to build the most efficient replication topology. The replication topology itself consists of the set of connection objects that enable inbound replication from a source domain controller to the destination domain controller that stores the connection object. The Knowledge Consistency Checker (KCC) creates these connection objects automatically on each domain controller.
..
Associating sites and subnets
A subnet object in AD DS groups neighboring computers in much the same way that postal codes group neighboring postal addresses. By associating a site with one or more subnets, you assign a set of IP addresses to the site.
Note
The term "subnet" in AD DS does not have the strict networking definition of the set of all addresses behind a single router. The only requirement for an AD DS subnet is that the address prefix conforms to the IP version 4 (IPv4) or IP version 6 (IPv6) format.
When you add the Active Directory Domain Services server role to create the first domain controller in a forest, a default site (Default-First-Site-Name) is created in AD DS. As long as this site is the only site in the directory, all domain controllers that you add to the forest are assigned to this site. However, if your forest will have multiple sites, you must create subnets that assign IP addresses to Default-First-Site-Name as well as to all additional sites.
..
Locating domain controllers by site
Domain controllers register service (SRV) resource records in Domain Name System (DNS) that identify their site names. Domain controllers also register host (A) resource records in DNS that identify their IP addresses. When a client requests a domain controller, it provides its site name to DNS. DNS uses the site name to locate a domain controller in that site (or in the next closest site to the client). DNS then provides the IP address of the domain controller to the client for the purpose of connecting to the domain controller. For this reason, it is important to ensure that the IP address that you assign to a domain controller maps to a subnet that is associated with the site of the respective server object. Otherwise, when a client requests a domain controller, the IP address that is returned might be the IP address of a domain controller in a distant site. When a client connects to a distant site, the result can be slow performance and unnecessary traffic on expensive WAN links.
