Once upon a time I set about getting a Linux server to use our Active Directory for logins, and I got it so that I could login as myself and then work on the server, and SU to root to make system changes using the server's local root password.
However, part of the plan we wanted was to not have separate root accounts on every server with passwords which need tracking and updating.
What's a way around this? Can root be a centralised AD account like a Windows Administrator account? Can non-root users be given root permissions in a way that isn't a bodge?
You can create root privileges based on LDAP groups using sudo (see the manual for examples). You can even store your sudo configuration within LDAP.
See this question. Debian and LDAP for sudo
Something to consider, though, is how you would be able to perform system maintenance and/or recovery. (At this point LDAP/AD services are not yet running on the local system, so root would not be able to authenticate.)