@nygl from direct experience:
1. you cannot phase it - DNS, DHCP and AD are all in it together because AD uses DNS and DHCP integrates with DNS via dynamic updates for the client registration,
2. you are better off, as dramatic as it sounds, building a separate infrastructure, just a VLAN will suffice, on which you start moving services and, perhaps, isolate authentication using LDAP,
3. once everyone is authenticating against LDAP and the relevant servers, you move the clients off Windows onto <preferred alternative>.