No, you can use AD integration for gateway login too. As per my previous post, use the AD Ignition Hybrid and create an Administrator role in that spelt exactly the same as "Administrator" in the default database. Anyone assigned that role can log in as an administrator using their AD credentials and you can keep the default Administrator password secret for emergencies or when the AD connection breaks.