User Accounts need to exist in the AD node
What Mark has suggested is very good and might work? DNS has to be configured correctly - as always on the AD. There are other variables that need to be taken into account. Namely, SMB Digital Signing is not supported. NTP is another critical area to look at.
However, I'm not sure if you can have a Replica when the Master is not the KDC? Personally I think Replication may fail as slapcat and kerberosautoconfig won't be able to do their thing. SSH needs to be on as well, and I think this too will be affected if the OD Master is not the Key Distribution Centre. I suppose the only real way to find out is to try it?
There may well be further problems with this? For example, how are these users going to be able to authenticate when the AD KDC knows nothing of them? Don't forget they only exist in the LDAP node regardless of whether replication works or not. At some point these users would have to be imported into AD. What about home folders? You'd have to let the AD know the UNC path. That's a lot of typing for 350 users.
Antonio Rocco (ACSA)