A few things about
AD:
No need for a PDC unless you're in
mixed mode, in which case you'll have to run a
PDC simulator to maintain
backwards compatibility with your NT 4.0 network.
The RAS security policies are NOT stored in AD
They are much the same as NT domains, except you can further break users down into
OUs to better organise them and apply policies. In addition
two way transitive trusts become possible.