What do Active Directory sites do?

Active Directory sites govern access and replication.

Active Directory's DClocator process allows for devices to find the nearest domain controller. By default, these would be the domain controllers in the current Active Directory site where the device resides. The way the device knows in which site it resides is derived from its IP address, which matches a subnet, as defined for the Active Directory site.

When there are no domain controllers in an Active Directory site, the site link costs define the nearest domain controller to DClocator. The domain controllers in the site connected with the lowest cost will be returned to the device.

Domain controllers in different Active Directory sites replicate partitions over the same Active Directory site links through bridgehead servers; these are domain controllers that take on the additional role of replicating over the site link to the bridgehead server on the other side, on top of replicating with the domain controller(s) within its site.

Replication over site links can be managed in terms of schedule and replication type.

The DNS and the Distributed Filesystem (DFS) are both Active Directory site-aware, in that they can provide access to the services closest to the end user. For instance, in a DFS setup with a file server on each location, the end user in a specific site would be redirected to the file server in their respective Active Directory site and have readily-available connectivity, while the file servers take care of any replication needed.