You haven't mentioned whether you are trying to use NTLM Authentication or DC Interface, so which method are you planning on using?
To make an easier decision, how many domain controllers do you have in your environment, and how many end users do you have?
Cheers,
Kevin