That's all you can do. Import the devices from an LDAP directory into the CAS server. You do this so that you can manage your devices in the CAS server - you're not using AD to manage your devices. The import can be done as a once-only import or you can setup a dynamic discover group. This is all documented in the CAS guide.
Just to correct what Karl stated. You can create a recurring job to import from AD/LDAP. You do this under the Group Creation wizard in the Group Management Section, (Dynamic Group type) So you can actually do more than just a one time import. When a device is deleted from AD, the group that is synced into CAS will be updated accordingly. Just as if a device is added to AD/LDAP the group will be updated accordingly.