I know that local is not correct.

No need to repeat dogma after someone. Why is .local not correct? At 0.1% of companies, the network infrastructure is organized in such a way that they will step on a rake with .local. The remaining 99.9% have no problems and never will. And this is not "roulette", an adequate administrator knows for sure that there is no Zeroconf in his network. Microsoft's advice not to use .local is advice to "specialists" who have no idea what's going on on their network. Just in case, so that the existing mess does not become an even worse mess.

If the organization is so large that it requires the allocation of separate zones (branches, departments) administered independently by other people, then yes, it is better to immediately think about third-level domains.

If the organization is so large, then next to you there will be several experienced colleagues who will explain, not abstractly, but on a real configuration, why certain decisions were made (3rd level domain or 2nd level, and much more). Microsoft gives some recommendations, but they (recommendations) will not replace the brains of the administrator. These are not even best practices, this is the point from which to start when there is no experience. But these recommendations will not prevent stepping on a rake (others), here is an example from recent questions here: https://qna.habr.com/q/1046186

There is a domain (AD), the main DNS suffix of the domain is company.ru...
...
Recently, a domain name has been registered in the RU zone - company.ru. Registered not by us...

The curtain.
In the case of .local, there would be no such problem. We conclude: thoughtlessly following the recommendations does not save you from problems. Even if they made a 3rd level domain corp.company.ru, it would not save them.

Follow the logic:
1) a separate domain, as a rule, a separate IT infrastructure, a separate web server, for example
2) you have to pay for second-level domains. On an organization scale, they may be cheap, but you need to monitor their delinquency status. Third-level domain registration does not need to be coordinated with purchases.
3) a suitable second-level domain name may already be taken, while the entire 3rd-level namespace is at your fingertips.
4) one wildcard SSL certificate can be issued for all 3-level domains.

local is what will not be visible from the internet. How do you call it there and how many levels - taste, by and large.
If the organization is so large that it requires the allocation of separate zones (branches, departments) administered independently by other people, then yes, it is better to immediately think about third-level domains.

The topic with the creation of a 3rd level domain is appropriate / necessary in cases where you need to somehow expose the domain controller "bare ass" to WWW so that remoters can log in to it without any VPN and other tambourines.
The third/fourth level - so that only the addresses of the AD controllers sit on the domain, and not any Web stuff and other things that can be located in the DMZ or even from a third-party hoster. And the further away the AD server is / the longer it is searched for, the more the client gets dumb

There will be some problems with DNS, I want to understand what it is about

smoke the question about Split (Split-Brain) DNS...