Initially, we placed the DFS function on the 2 domain controllers but the login times are getting longer/slower and the CPU/memory resources on the 2 domain controllers are almost flatline during peak hours where a lot of users are reading and writing files on the servers. To mitigate this, we plan to deploy 2 new domain controllers, demote the 2 old domain controllers and leave the DFS function on the old servers.
I know that a domain namespace is highly dependent on Active Directory -- is there going to be a performance issue if we split the DFS function from the domain controllers? Is our plan the best approach or is there a better one?
Are the domain controllers hosting the DFS namespace and the shared folders? If they're only hosting the DFS namespace then the user activity should have no bearing on the performance of the domain controllers. My recommendation before you go and build new domain controllers would be to run performance monitor on the domain controllers and see what's really causing the problem. You can do this very easily with PerfWiz and PAL.
http://www.microsoft.com/downloads/en/details.aspx?FamilyID=31fccd98-c3a1-4644-9622-faa046d69214
http://pal.codeplex.com/