The DNS which ships with Windows 2000/2003 server.
1. DNS supports Dynamic registration of SRV records registered by a Active Directory server or a domain controller during promotion. With the help of SRV records client machines can find domain controllers in your network.
2. DNS supports *Secure Dynamic updates*. Unauthorized access is deniend.
3. Exchange server needs internal DNS or AD DNS to locate Global Catalog servers.
4. AD-Integrated Zone. If you have more than one domain controller (recommended) you need not worry about zone replication. AD-replication will take care of DNS zone replication also.
5. If you use DHCP with AD no other DHCP will be able to service client requests comming from different network. It’s because DHCP server is authorized in AD.
Moreover, you can use NT4 DNS with Service Pack 4 or later. It supports both SRV and Dynamic Updates.
So for BIND DNS you must be running atleast 4.9.7 version which supports SRV and meets the minimum requirements for Active Directory Support. However, BIND 8.2.1 and later support dynamic updates and incremental zone transfers, in addition to the SRV records.
Based on the tests performed by various vendors and Microsoft, the recommended BIND version that proves to work best with Active Directory is BIND 8.2.2. Keep in mind that BIND DNS servers do not support Active Directory integrated zones—-So basically this is the difference between using MS DNS and External DNS to support Active Directory. In addition to SRV and Dynmaic Support, replication is also effected if you create an AD-Integrated Zone which can replicate with Directory Replication and no overehead of planning for DNS Replication. BINDs are limited to primary and secondary zones.
So using MS DNS gives the following benefits: –
If you implement networks that require secure updates.
If you want to take benefit of Active Directory replication.
If you want to integrate DHCP with DNS for Low-level clients to register their Host records in MS DNS.
MS support for DNS is better than external DNS servers.
Many articles have been written on MS DNS+Active Directory (Troubleshooting articles)
Have a look at these articles:
Active Directory design consideration:
DNS and Active Directory:
Securing DNS by design:
Frequently asked questions about DNS