Active Directory – Parent Domain vs Child Domain

Tags: active-directory, domain-controller, windows-server-2008-r2, windows-server-2012-r2

As far as I know, a child domain's fully-qualified domain name (FQDN) must be a subdomain of the parent domain's FQDN. Also, an implicit trust (two-way, transitive) is established between them.

Are there any differences between the child domain and a parent domain?
Are there any things that a parent domain can control or do to a child domain that a child domain can't do to a parent domain?

Best Answer

No, the domains each provide a security boundary and don't do anything to each other. The forest config, however, may affect both domains.

The main practical difference is that, by default, members of Domain Admins in the root domain may add themselves to Enterprise Admins and do the tasks allowed by that role. Of course, members of any child domain can be added to Enterprise Admins as well. Anyone who is a member of Enterprise Admins has full admin rights to child domains.

Outside of Enterprise Admins, though, anyone who needs to access resources in a different domain needs to be granted explicit permissions. You should understand how to use AD groups and group scope (like Universal vs Global vs Domain Local) if you need to manage access to resources between domains.

You should always carefully consider why you might want a child domain at all. Other than perhaps academic environments (e.g. to easily separate staff resources from student accounts) or similar limited use-cases such as very large enterprises, there aren't many scenarios where they'd be highly desirable. Remember, more domains = more DCs = more management and maintenance overhead. Also, if you plan to or are currently using cloud services like Office365, etc., that can cause additional complexity.

Much of what people tend to use child domains for can be done by better OU management and decent role definitions and rights delegations.
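As an added example, not part of the original answer, the following PowerShell audit (RSAT ActiveDirectory module, run from a forest member with read access) lists each domain's parent and children, the intra-forest trusts with their direction and transitivity, and the recursive membership of Enterprise Admins in the forest root, the group the answer identifies as having full admin rights in every child domain. It also lists who holds write rights on that group object, which is the path by which root Domain Admins can add themselves; all domain and group names are read from the live forest.

```powershell
# Added example: audit the parent/child layout and who holds forest-wide rights.
# Requires the RSAT ActiveDirectory module (it also creates the AD: PSDrive used below).
Import-Module ActiveDirectory

$forest = Get-ADForest
$root   = $forest.RootDomain
Write-Host "Forest root domain: $root"

# 1. Parent/child layout: a child's DNS name is always a subdomain of its parent's.
foreach ($dns in $forest.Domains) {
    $d = Get-ADDomain -Identity $dns
    $parent = if ($d.ParentDomain) { $d.ParentDomain } else { '(forest root)' }
    Write-Host ("Domain {0}  parent: {1}  children: {2}" -f `
        $d.DNSRoot, $parent, ($d.ChildDomains -join ', '))
}

# 2. Trusts as seen from the root. Parent/child trusts show IntraForest = True,
#    Direction = BiDirectional and are transitive within the forest.
Get-ADTrust -Filter * -Server $root |
    Select-Object Source, Target, Direction, IntraForest, ForestTransitive, TrustType |
    Format-Table -AutoSize

# 3. Enterprise Admins exists only in the root domain; its members are admins in every child.
#    -Recursive expands nested groups, so an account added through a child-domain group
#    still appears in the list.
$ea = @(Get-ADGroupMember -Identity 'Enterprise Admins' -Server $root -Recursive)
Write-Host "Enterprise Admins (recursive) has $($ea.Count) member(s):"
$ea | Select-Object Name, objectClass, distinguishedName | Format-Table -AutoSize

# 4. Who can change that membership? Explicit or inherited Allow ACEs on the group object
#    granting WriteProperty, GenericAll, WriteDacl or WriteOwner can add members;
#    by default this includes the root domain's Domain Admins.
$eaObj = Get-ADGroup -Identity 'Enterprise Admins' -Server $root
$acl   = Get-Acl -Path ("AD:\" + $eaObj.DistinguishedName)
$acl.Access |
    Where-Object {
        $_.AccessControlType -eq 'Allow' -and
        ($_.ActiveDirectoryRights -match 'WriteProperty|GenericAll|WriteDacl|WriteOwner')
    } |
    Select-Object IdentityReference, ActiveDirectoryRights, IsInherited |
    Sort-Object IdentityReference -Unique |
    Format-Table -AutoSize
```

Run it from the root domain or with an account that can read all domains; any principal in section 4 that is not a root-domain administrative group deserves a closer look, since it can reach every child domain through this one group.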