Can SSO just use the local OS users and not AD?

We are small: 3 hosts with approx 40 VMs.  I only need one server to do all my vCenter stuff, and that's how I've operated through 4.1.

I plan on doing a simple install when upgrading to 5.1.  I would rather _not_ deal with Single Sign-On discoverying, adding and depending on my Active Directory if I can help it.  From reading the vSphere ESXi vCenter Server 5.1 Upgrade Guide, around pages 30-31, it appears I can indeed just use SSO with local users, and not need it to discover AD at all.  Then again, it isn't exactly clear to me.

Here's what it says:

Page 30-31

How vCenter Single Sign-On Affects vCenter Server Upgrades:

When you upgrade to vCenter Server 5.1, the upgrade process installs vCenter Single Sign-On first and then upgrades vCenter Server....

In vCenter Server 5.1, if vCenter Single Sign-On is ... on a machine that is joined to an Active Directory domain, Single Sign-On will automatically discover the existing Active Directory domain and add it as an identity source during the Single Sign-On installation process. If Single Sign-On is not running on a virtual machine or physical machine that is in the same domain as Active Directory, you must use the vSphere Web Client to log in to vCenter Server and add the Active Directory domain to Single SignOn.

If you install vCenter Single Sign-On and vCenter Server on the same physical machine or virtual machine, Single Sign-On recognizes existing local operating system users. After the upgrade, you can log in to vCenter Server with a registered local operating system user ID.

In vCenter Server 5.1, the term "local operating system users" refers to those local users in the Single Sign-On host machine instead of the vCenter Server host machine or virtual machine. After the upgrade, if no super administrator remains (the administrative user or group for the root folder), you must provide a valid user or group to be used as super administrator during installation.

So I can just be logged-in local admin on my vCenter Server, install SSO, then the rest, and be done?  No need to attach AD?

PS: my current 4.1 vCenter Server is indeed a member of our AD (Windows Server 2008), but this is mainly just to do WSUS and such.  I do not require AD otherwise.