Using Windows 2003 Domain user accounts, users can log on to an Active Directory domain and gain access to the resources on the network. With Windows 2003 Domain user account, a user can gain access to the resources on the local computer and also the resources in the Active Directory network. When a user log on to the Domain using his/her domain user account credentials, Windows Server 2003 validate the user credentials and authenticates the user. Windows 2003 then creates an access token for the duration of the logon session which contains information about the user and other related security settings. This access token identifies the user to computers operating in the Active Directory Domain.
The Active Directory Domain user accounts information is stored inside the Active Directory database file, named NTDS.DIT. NTDS.DIT database file is located in Windows\NTDS by default, but you can specify a different path while you install Active Directory using DCPROMO tool. Since the Active Directory Domain User account details are kept in the Active Directory database, the Domain User account details are replicated to other Domain Controllers in the Active Directory Domain. After Windows Server 2003 replicates the new user account information, all of the domain controllers in the Active Directory Domain can authenticate the Active Directory Domain user account created.