The act of promoting a Windows 2000 Server computer to a domain controller either creates a domain or adds additional domain controllers to an existing domain. Create a domain controller to:
To create a Windows 2000 domain, you must create at least one domain controller in that domain. The act of creating the domain controller also creates the domain. It is not possible to have a domain without a domain controller.
If you decide that your organization requires more than one domain, you must create at least one domain controller for each additional domain. Additional domains in a forest can be either:
Create a new child domain when you want to create a domain that shares a contiguous namespace with one or more domains. This means that the name of the new domain contains the full name of the parent domain. For example, sales.microsoft.com would be a child domain of microsoft.com. Use this domain tree structure to hierarchically organize domains within your organization.
Create the root of a new domain tree to create a domain whose name is not related to the other domains in the forest. Create new domain trees to include domains for various branches of your organization in the same forest and allow them to retain their own unique Internet domain names.
If you already have one domain controller in a particular domain, you can add additional domain controllers to that domain to improve the availability and reliability of network services. Having more than one domain controller in a domain makes it possible for the domain to continue to function if one domain controller fails or must be disconnected for some reason. Multiple domain controllers can also improve performance by making it easier for a Windows 2000 client to connect to a domain controller when logging on to the network.
If your network is divided into sites, it is often good practice to put at least one domain controller in each site. When network clients log on to the network, they must contact a domain controller as part of the logon process. If the clients must connect to a domain controller over a slow network connection, the logon process may take an unacceptably long time. Placing a domain controller in each site, allows client logon processes to be handled within the site without using the slower network connection between sites.