NFSv4 Kerberos and Local Service Accounts
I am looking for some advice. I have a couple of [possibly incorrect] beliefs that seem to be at odds. Firstly, I'd like to start using a more secure method for shared storage between Linux hosts. It seems that NFSv4 with Kerberos is a solid way to achieve this. Secondly, I'm considering shared storage requirements for specific applications for which I would generally create local application/service accounts. The reason I am looking at local application accounts is that I think it makes sense to have a local account in case the external authentication source (e.g. LDAP) is unavailable.
The issue is that NFSv4 seems to be predicated upon user identities being available from a centralized source available to the NFS server and the clients mounting shares. Local accounts would not exist in such a centralized source.
So I have a couple of questions based on this:
1) Is my general belief that service accounts should be local completely incorrect to start?
2) Is NFSv4 the best option for secure shared storage between Linux hosts?
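The identity-mapping step the question turns on, as an added illustration that is not part of the original post or of nfs-utils: a small Python model of the lookup order libnfsidmap follows when it turns a Kerberos principal (authentication) or an NFSv4 owner string `name@domain` (file ownership on the wire) into a local uid. The idmapd.conf text, the `[Static]` entry, the two passwd tables and every uid are constructed for the example; the resolution logic is a simplified model of the `static` and `nsswitch` translation methods, not the library's code.

```python
"""Model of NFSv4 identity mapping for a local service account.

Added example, not nfs-utils code. It parses an idmapd.conf-style file
(real idmapd.conf is INI-shaped, so configparser fits) and walks the
[Translation] Method list in order: 'static' pins a principal to a local
name, 'nsswitch' strips a local realm and looks the bare name up in
passwd, and anything unresolved falls back to Nobody-User.
"""
import configparser

# Constructed idmapd.conf. The [Static] line is the point of the example:
# it maps a Kerberos principal to an account that exists only in the
# local /etc/passwd of the hosts involved, not in LDAP.
IDMAPD_CONF = """\
[General]
Domain = example.com
Local-Realms = EXAMPLE.COM

[Mapping]
Nobody-User = nobody
Nobody-Group = nogroup

[Translation]
Method = static,nsswitch

[Static]
app-svc@EXAMPLE.COM = app-svc
"""

# Constructed stand-ins for /etc/passwd (name -> uid) on two hosts.
# The service account deliberately has different uids on each host:
# NFSv4 carries names, not numbers, so this still works as long as
# both hosts can resolve the same name.
SERVER_PASSWD = {"root": 0, "nobody": 65534, "app-svc": 990, "alice": 1000}
CLIENT_PASSWD = {"root": 0, "nobody": 65534, "app-svc": 991, "alice": 1000}


def load_conf(text):
    cp = configparser.ConfigParser(interpolation=None)
    cp.optionxform = str  # keep case: realms are upper-case, principals are keys
    cp.read_string(text)
    return cp


def _nobody(conf, passwd):
    name = conf.get("Mapping", "Nobody-User", fallback="nobody")
    return name, passwd.get(name, 65534)


def principal_to_uid(conf, principal, passwd):
    """Resolve a GSS principal 'user@REALM' to (local name, uid)."""
    methods = [m.strip() for m in
               conf.get("Translation", "Method", fallback="nsswitch").split(",")]
    local_realms = {r.strip() for r in
                    conf.get("General", "Local-Realms", fallback="").split(",") if r.strip()}
    for method in methods:
        if method == "static":
            # Exact match in [Static]; the target must still exist locally.
            name = conf.get("Static", principal, fallback=None)
            if name in passwd:
                return name, passwd[name]
        elif method == "nsswitch":
            # Only principals from a trusted local realm get their realm stripped.
            name, _, realm = principal.partition("@")
            if realm in local_realms and name in passwd:
                return name, passwd[name]
    return _nobody(conf, passwd)


def owner_to_uid(conf, owner, passwd):
    """Resolve an NFSv4 owner attribute 'name@domain' to (local name, uid)."""
    name, _, domain = owner.partition("@")
    if domain.lower() != conf.get("General", "Domain").lower():
        return _nobody(conf, passwd)  # foreign domain: squash, never guess
    if name in passwd:
        return name, passwd[name]
    return _nobody(conf, passwd)


if __name__ == "__main__":
    conf = load_conf(IDMAPD_CONF)
    print("server auth:", principal_to_uid(conf, "app-svc@EXAMPLE.COM", SERVER_PASSWD))
    print("server owner:", owner_to_uid(conf, "app-svc@example.com", SERVER_PASSWD))
    print("client owner:", owner_to_uid(conf, "app-svc@example.com", CLIENT_PASSWD))
    print("unknown user:", principal_to_uid(conf, "mallory@EXAMPLE.COM", SERVER_PASSWD))
```

The check a practitioner wants from this is the one the model makes visible: the same `[Static]` line and the same local account name have to be present on the server and on every client, and any principal or owner that neither method can resolve must land on Nobody-User rather than on a guessed uid. Whether a real deployment should keep those accounts local or in LDAP is the policy question the post raises; the mapping itself does not force either answer.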
Responses