Complete Windows Server 2012 Practice Test 2025

The reasoning behind why organizational units cannot contain multiple Active Directory domains is tied to the structure and purpose of Active Directory itself. Organizational units (OUs) are primarily used to organize users, groups, computers, and other objects within a single Active Directory domain. They function as a way to create a hierarchy and delegate administrative control within that specific domain.

In contrast, domains are designed to operate as standalone directory services that manage a collection of objects and their associated policies. Each domain has its own security boundary and administrative autonomy. Sites, on the other hand, refer to the physical topology of the network and not the logical structure, while groups are used for managing collections of user accounts and resources within a domain. Thus, the concepts and functionalities of OUs are strictly limited to the scope of a single domain, differentiating them from the other options that can encapsulate broader structures or functions involving multiple domains.