Never create a .local domain in DNS, Active Directory, whatever. The .local TLD is reserved for mDNS (Bonjour in the Apple world). If you ever have to introduce Macs and other Apple products into your enviorment you'll have so many fewer headaches if you don't use .local, and it's the right thing to do. Anyway, it's been many years since I integrated BIND and Active Directory, but it is doable. Your best bet is to keep things as simple as possible thorugh. For example, have your local BIND server use the AD DNS servers to resolve anything the BIND server doesn't know about. -- Andrew S. Zbikowski | http://andy.zibnet.us IT Outhouse Blog Thing | http://www.itouthouse.com