We currently have BIND DNS servers that are authoritative for our main zone tom.com. The BIND servers hand off the AD zones _msdcs.tom.com, _tcp.tom.com, etc. Everything functions fine; our upgrade went without trouble. This setup is fine for our corporate users since the BIND servers are located in house. However, we have about 30 branches that have clients who use the main DNS servers for resolution. That works just fine if the WAN links stay up. They are pretty stable, but there is always that chance. This came up during planning, but was nixed because the reliability was good. I know that if for some reason these links do fail, clients will not be able to log on... especially if/when we go native. A thought I had was to set up DNS on each branch server: create a secondary zone called tom.com, pull all of the info to Windows from BIND, and point users to their local server for DNS resolution. If we decided to go full Windows DNS we could then change the zone properties to Primary AD integrated. Any thoughts?