If a domain admin account is compromised, an attacker can request data on the domain controller to be replicated to the current machine (any domain-joined computer will work).
If a domain admin account is compromised, an attacker can request data on the domain controller to be replicated to the current machine (any domain-joined computer will work).