Your company has a main office and a branch office. The main office contains two domain
controllers.
You create an Active Directory site named BranchOfficeSite.
You deploy a domain controller in the branch office, and then add the domain controller to
the BranchOfficeSite site.
You discover that users in the branch office are randomly authenticated by either the domain
controller in the branch office or the domain controllers in the main office.
You need to ensure that the users in the branch office always attempt to authenticate to the
domain controller in the branch office first.
What should you do?
A.
Create organizational units (OUs).
B.
Create Active Directory subnet objects.
C.
Modify the slow link detection threshold.
D.
Modify the Location attribute of the computer objects.
Explanation:
http://technet.microsoft.com/en-us/library/cc754697.aspx
Understanding Sites, Subnets, and Site Links
Sites overviewSites in AD DS represent the physical structure, or topology, of your network. AD DS uses
network topology information, which is stored in the directory as site, subnet, and site link
objects, to build the most efficient replication topology. The replication topology itself
consists of the set of connection objects that enable inbound replication from a source
domain controller to the destination domain controller that stores the connection object. The
Knowledge Consistency Checker (KCC) creates these connection objects automatically on
each domain controller.
..
Associating sites and subnets
A subnet object in AD DS groups neighboring computers in much the same way that postal
codes group neighboring postal addresses. By associating a site with one or more subnets,
you assign a set of IP addresses to the site.
Note
The term “subnet” in AD DS does not have the strict networking definition of the set of all
addresses behind a single router. The only requirement for an AD DS subnet is that the
address prefix conforms to the IP version 4 (IPv4) or IP version 6 (IPv6) format.
When you add the Active Directory Domain Services server role to create the first domain
controller in a forest, a default site (Default-First-Site-Name) is created in AD DS. As long as
this site is the only site in the directory, all domain controllers that you add to the forest are
assigned to this site. However, if your forest will have multiple sites, you must create subnets
that assign IP addresses to Default-First-Site-Name as well as to all additional sites.
..
Locating domain controllers by site
Domain controllers register service (SRV) resource records in Domain Name System (DNS)
that identify their site names. Domain controllers also register host (A) resource records in
DNS that identify their IP addresses. When a client requests a domain controller, it provides
its site name to DNS. DNS uses the site name to locate a domain controller in that site (or in
the next closest site to the client). DNS then provides the IP address of the domain controller
to the client for the purpose of connecting to the domain controller. For this reason, it is
important to ensure that the IP address that you assign to a domain controller maps to a
subnet that is associated with the site of the respective server object. Otherwise, when a
client requests a domain controller, the IP address that is returned might be the IP address
of a domain controller in a distant site. When a client connects to a distant site, the result can
be slow performance and unnecessary traffic on expensive WAN links.