AD DS is a set of services (e.g. authentication, authorization, security policies, update) running on the domain controller that provides core functionalities of Active Directory.
Here are some default AD Domain Services:
- LDAP - Lightweight Directory Access Protocol; provides communication between applications and directory services
- Certificate Services - allows the domain controller to create, validate, and revoke public key certificates
- DNS, LLMNR, NBT-NS - Domain Name Services for identifying IP & hostnames