In an ADS domain, this is the main MMC console that is used to administer users, computers, OUs, GPOs, and other ADS structures. It is the key utility for managing the AD for all your Windows 2000 and XP boxes.
Windows NT machines are members of the domain, but do not get any policies from a GPO. Windows 95-era machines do not become members of the domain, but can still use it to login.
Users, user groups, computers, computer groups, published printers, group policies, AD security - basically any AD object is controlled here.
AD Sites & Services and AD Domains & Trusts are also key tools to managing an AD domain, but they are for the domain-level tasks, such as replication, trusts, domain controller management, and schema overview.