I think it is possible to utilize Active Directory for that type of functionality (storage of User-specific data, in this case keys) - however, I don't believe the data would necessarily be transferred and stored in a secure manner. Compare to KTM ES AD, which is specifically designed not to expose keys outside of hardware when used in conjunction with an HSM.