In Active Directory forest, from any domains universal groups can include users. Thus, in order to control security across the domains, they are utilized. Whenever operating on domain functional level of Windows Server 2003 or Windows 2000 Native, only universal groups exist. When controlling several domains, it frequently supports to group worldwide groups in universal groups. 

In Active Directory deployment of Windows server 2003, domains are regarded as boundary of logical security that permits for management, creation and administration of related resources. Domain can be thought of as logical division like neighborhood in a city.

Even though the essential features and names are similar, the domains of Active Directory change significantly from those in Windows NT. When compared to Windows NT domain, several objects can be accumulated by active directory domain. Moreover, the domains of active directory can be joined mutually into forests and trees in order to structure more difficult hierarchical structures. 

Domain functional levels: these levels are same like modes in Windows 2000 server. The functional level of Windows 2003 server domain consist of all of latest features that are included in Windows server 2003, however needs that each SC operate Windows 2003 server. The native domain functional level of Windows 2000 provides each of the native mode functionality in Windows 2000; however each of the DC should either operate Windows 2000 server or Windows 2003 server.

The mixed domain functional level of Windows 2000 provides minimum amount of functionality, however it assist DCs operating WindowsNT4 server, Windows 2003 server, and Windows 2000 server. Observe that domains cannot be translated into Windows 2000 Mixed domain functional level from Windows 2000 Native domain functional level back.