Kerberos/single sign-on/promotion to OD Master from
Standalone server does NOT work under 10.4.7 Server if DNS is not set up and running on the 10.4.7 Server itself.
This is NOT true. It is not helpful to make these sort of broad statements without thorough testing.
I have multiple 10.4.7 AD/integrated Single-Sign On environments using Windows 2003 supplied DNS with Master/Replicas/SSO working perfectly.
While DNS running on the Master can be beneficial to eliminate variables or areas outside the control of the Mac admin, it is far from necessary based on the multiple installs, both new and upgraded, that I have been done since 10.4.7 came out. A
functional DNS, with both FW and Rev. lookups for all involved server is the critical piece.
Mac OS X (10.4.7)