As you know, the core unit of the logical structure in Active Directory is the domain. The domain serves many functions: It can act as a security boundary and as a unit of replication. Windows domains, with which you may be familiar, are also security boundaries but function very differently from Windows 2000 Active Directory domains.
A domain administrator has the permissions and rights to administer within that domain only, unless the administrator is explicitly granted those rights in another domain. Furthermore, administrative authority can be granted over one or a group of organizational units within a domain, providing for much more granular administration. By contrast, in Windows NT, the domain was the smallest administrative unit, so you could not grant administrative authority to a user for part of a domain.
All domain controllers in a domain participate in replication and contain a complete copy of all directory information for their domain.
Once established, a domain can function as a
mixed-mode[1] or
native-mode[2] domain.
What does this mean?
A mixed-mode domain supports domain controllers that are running either Windows 2000 or Microsoft Windows NT. In a native-mode domain, all domain controllers run Windows 2000. After you install Active Directory and establish a domain, the domain and Active Directory are running in mixed-mode until you explicitly change it to native-mode. The SlideShow below elaborates on these domain definitions and shows how the domain functions once it has been created.
Domain Security Boundary
The change from mixed-mode to native-mode is a one-way process; you cannot change from native-mode to mixed-mode.
In the next lesson, you will learn more about organizational units.
[1]Mixed-mode domain: You should apply it only to systems that have had the Exchange Server Analyzer Tool run against them and are experiencing that specific issue. The Exchange Server Analyzer Tool, available as a free download, remotely collects configuration data from each server in the topology and automatically analyzes the data. The resulting report details important configuration issues, potential problems, and nondefault product settings. By following these recommendations, you can achieve better performance, scalability, reliability, and uptime.