"Why is using the DNS of the ISP incorrect? I've done it and it worked."
If you are working with AD and workstations as part of the domain, the workstation DNS entries point to the MS DNS server. It is the only way you can have local DNS name resolution for the workstations to find the servers or the servers to find the workstations.
The ISP DNS servers will never know this information.
Local workstations will work AFTER name resolution tries everything and then reverts to broadcasts [where are you, AD server?]. You don't want your name resolution reverting to broadcasts, as this causes delays and saturates the bandwidth.
unityjon, putting the ISP's DNS entry as secondary is not uncommon, but it is only consulted if the primary DNS server is down. As you experienced, AD doesn't work then.
By design MS wants two AD/DNS servers. This way, if one box goes down, you still have AD and you still have DNS.
The MS DNS Forwarders tab is used to forward name resolutions the MS DNS server doesn't know about. These point to the ISP's DNS servers.
I would trade your 5-6 ADSL lines for one mega pipe. You have got to be paying $200-300 a month for that setup.
It does not gain you anything. You are just allocating bandwidth at a physical level instead of the industry-standard way of using caching/bandwidth control servers. You get none of the benefits of fault tolerance/failover, bandwidth shaping, or monitoring with your setup.
You appear to be raw on the internet.
You should have internet <> router/firewall <> web server <> router/firewall <> your servers/workstations.
Instead you have 6 unprotected paths for hackers into your entire network.
You really need to understand AD and its design. "server suddenly had an issue" sounds more like a misconfiguration than a server failure.
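A way to check a domain-joined host against the advice in this post, as an added example that is not part of the thread: it assumes the built-in DnsClient module on the workstation and, for the forwarders check, the DnsServer module on a domain controller.

```powershell
# Added example, not from the thread: audit a domain-joined Windows host's DNS client settings
# against the rule above (workstations -> DC DNS; DC reaches the ISP only via the Forwarders tab).
# Assumes the built-in DnsClient module; the forwarder check needs the DnsServer module on a DC.

function Get-DomainControllerAddresses {
    param([string]$Domain = $env:USERDNSDOMAIN)
    # Every DC registers under this SRV record in the AD-integrated zone. The ISP's resolvers
    # hold no copy of it, which is why they cannot be a workstation's primary DNS.
    $srv = Resolve-DnsName -Name "_ldap._tcp.dc._msdcs.$Domain" -Type SRV -ErrorAction Stop |
           Where-Object { $_.Type -eq 'SRV' }
    $srv | ForEach-Object {
        Resolve-DnsName -Name $_.NameTarget -Type A -ErrorAction SilentlyContinue |
            Where-Object { $_.Type -eq 'A' } | Select-Object -ExpandProperty IPAddress
    } | Sort-Object -Unique
}

function Test-AdDnsClientConfig {
    param([string]$Domain = $env:USERDNSDOMAIN)
    try { $dcs = @(Get-DomainControllerAddresses -Domain $Domain) }
    catch { return "SRV lookup for $Domain failed: this host's resolvers do not know the domain" }
    Get-DnsClientServerAddress -AddressFamily IPv4 |
        Where-Object { $_.ServerAddresses.Count -gt 0 } |
        ForEach-Object {
            $servers   = @($_.ServerAddresses)
            $primaryOk = $dcs -contains $servers[0]
            # Anything that is not a DC (typically ISP resolvers) is only safe as a secondary.
            $nonDc     = @($servers | Where-Object { $dcs -notcontains $_ })
            [pscustomobject]@{
                Interface    = $_.InterfaceAlias
                Servers      = $servers -join ', '
                PrimaryIsDc  = $primaryOk
                NonDcServers = $nonDc -join ', '
                Verdict      = $(if ($primaryOk) { 'OK' } else { 'FIX: primary DNS is not a DC' })
            }
        }
}

function Show-DcForwarders {
    # Only meaningful on a DC/DNS server: the Forwarders tab is where the ISP resolvers belong.
    if (Get-Command Get-DnsServerForwarder -ErrorAction SilentlyContinue) {
        (Get-DnsServerForwarder).IPAddress | ForEach-Object { $_.IPAddressToString }
    }
}

Test-AdDnsClientConfig | Format-Table -AutoSize
Show-DcForwarders
```

If the SRV lookup itself fails, the host's configured resolvers are not serving the AD zone at all, which is the "DNS of the ISP" setup the question asked about.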