Physical Structure  «Prev  Next»
Lesson 2 Physical structure
ObjectiveDefine the Physical Structure of Active Directory.

Logical versus Physical Structure

In Active Directory, the logical structure is separate from the physical structure. You use the logical structure to organize your network resources, and you use the physical structure to configure and manage your network traffic. The physical structure of Active Directory is composed of sites and domain controllers. We will learn more about these later on. The image below shows sites as part of the physical structure of the network, and domains as part of the logical structure. It is important to note that there is no relationship between sites and domains.

Physical and logical structure of Active Directory
The physical structure(sites) and logical structure (domains) of Active Directory are independent of each other with the following consequences.
  1. No required relationship between the physical structure of the network and the domain structure of the network
  2. Active Directory allows multiple domains in a single site in addition to multiple sites in a single domain
  3. There is no necessary connection between site and domain namespaces

Physical Structure, Replication, and logon

The physical structure of Active Directory defines where and when replication and logon traffic occurs. As you will learn in this course, understanding the physical components of Active Directory is critical to optimizing network traffic and the logon process. More importantly, knowing how the physical components work together is valuable in troubleshooting replication and logon problems.

Active Directory allows multiple domains in a single site in addition to multiple sites in a single domain
  1. There is no necessary relationship between the physical structure of the network and the domain structure of the network
  2. Active Directory allows multiple domains in a single site in addition to multiple sites in a single domain
  3. There is no necessary connection between site and domain namespace

The following series of images examine each of the physical components of Active Directory:
1) Each domain controller belongs to a specific site
1) Each domain controller belongs to a specific site

2) Site location of a domain controller determines its place in the replication topology of Actice Directory
2) Site location of a domain controller determines its place in the replication topology of Active Directory

3) Domain controller's site location is also an important factor in logon authentication, directory queries, and service requests
3) Domain controller's site location is also an important factor in logon authentication, directory queries, and service requests


4) A domain controller's site location is established during the installation of AD
4) A domain controller's site location is established during the installation of Active Directory.

5) When you create the first domain controller in Windows 2000 network, the Active Directory Installation Wizard creates the initial physical structure that consists of a single site called Default-First-SIte-Name
5) When you create the first domain controller in Windows network, the Active Directory Installation Wizard creates the initial physical structure that consists of a single site called Default-First-SIte-Name (which you can rename)

6) A domain controller's site location remains consistent unless an administrator manually changes its site assignment
6) A domain controller's site location remains consistent unless an administrator manually changes its site assignment


  1. Each domain controller belongs to a specific site
  2. Site location of a domain controller determines its place in the replication topology of Active Directory
  3. Domain controller's site location is also an important factor in logon authentication, directory queries, and service requests
  4. A domain controller's site location is established during the installation of Active Directory.
  5. When you create the first domain controller in Windows network, the Active Directory Installation Wizard creates the initial physical structure
  6. A domain controller's site location remains consistent unless an administrator manually changes its site assignment

Physical Structure of Active Directory

Note about Replication

When changes occur, such as when a user changes his or her password, those changes must be copied to the password server and then replicated to other domain controllers. Replication ensures that this kind of directory information is available to all domain controllers and client computers across your entire network.

Using Active Directory to manage Replication

Several features of Active Directory allow the administrator greater flexibility to manage network tasks (like replication) from a single point on the network. One of the most important features is multi-master replication. It has several advantages.

The advantages of multi-master Replication

Unlike in Windows Server , changes made on one domain controller are replicated for all others. Multi-master replication lets you update the directory and make changes for all domain controllers. This has three important advantages for the administrator.

The link below describes these three advantages:
Multimaster Replication Advantages.
In the next lesson, we will discuss how to use sites and subnets to manage network traffic.

Active Directory Field Guide