Hi Kal0el,
using AD integration is the preferred way. Users have the luxury of using just one set of credentials and you know that the password policy is enforced too (password lockout, password complexity, password age), so it is a good option over local accounts. The users would need to change their passwords from their Windows session, not LEM.
If you have not implemented this yet, may I suggest you configure directory service groups vs individual accounts? This allows you easier management of who logs in to LEM and what privileges they gain.
Regards,
Garreth
