There is absolutely no design aspect to it at all!

Users are assigned to OUs by your AD Team and are already in your Domain. The only thing you need to do is ask your AD Team to create your groups and assign specific users to those groups. Permissions that the users have inside your SQL Server are controlled by the SQL Server itself. All you need to do once you have created the login on the server for the group is assign permissions to said group as you would for a normal user! Nothing else!

The only thing you would really need to be aware of is that where a single user has multiple group membership, the permissions are cumulative unless an explicit DENY is issued. Otherwise there really is nothing to it!

Grouping by server is also really unecessary. Don't forget, you are going to create a login for your groups on each server to which they are to have access. No login = no access.

In summary: Create a basic AD group, assign users to that group, create a login for that group on your server and map the databases, assign permission, roles and privileges to that group as you would a normal user.