What about using LAPS?

You should have both! If you are running LAPS (Local Admin Password Solution) from Microsoft, you already have a individual password for one local administrative Account on each machine. This can be the origin Administrator with the RID 500 or a custom one. This Account can not be easily managed centrally by AD. Account Expiration, Enable/Disable Account on demand, Change Password etc is handled by the local machine (SAM), which is possibly firewalled or not reachable by RPC.

Advantage: The local account can be used offline without connection to the AD. There are many usecases for using the local adminaccount.

Disadvantage: The local account can not be controlled from AD. Sometimes you need access to your network to install software or get content or read/write ressources from your network in general. The AD user can be handled like any other user. You can assign NTFS permissions, integrate it into existing groups etc.

Benefit of AD Users and Groups: You can use the computername-admins group to permanently gain administrative rights on an indivudual machine. Aswell, you can create personal user accounts for your Administrators and handle them like the computername-admin. Enable it on demand, add an expiration, probably keep the password