I recall this coming up ages ago (when I was still very new to Linux too) and one of the TKL core devs (I think it was Liraz) put a pretty good argument across (it totally convinced me anyway) and perhaps if you search you may be able to find it. I probably can't recreate it with the clarity and elegance that was done then, but I can say that the core devs are certainly not Linux slouches and take security seriously (they both have history of working within military IT security).

From my understanding/perspective, the general rule on using limited user accounts definately applies to a desktop system (or any system where you often have users logged into the system - at the commandline). But on a server system where all the processes are running in non privelidged accounts anyway and user commnadline logins only occur for maintenance and setup the hardline 'don't log in as root' reasoning breaks down somewhat.

Perhaps a good way to start is to explore the reasons why you would run as a 'sudo user' rather than root. The reasons as I understand them are:

1. Reduce chances of accidentally breaking things - by requiring you to type your password for any potentially destructive commands allows you to stop and think "do I really want to do this?", "do I know what I am doing?", "do I understand the consequences?"
2. If you leave your computer unattended and logged in that no one else can come along and perform destructive commands without your authority.
3. Someone trying to hack your system needs to work out your username as well as your password. With a system with the root account enabled they only have to work out your password. A case of security by obscurity...
4. Can't think of any others, although perhaps there are...

So let's look at these:

1. Reality is that a user that can run sudo can do just as much damage to a system as the root user (sudo in essence allows the user to run as root once they have put in their password). On a system where you are only logging in to perform maintenance and/or setup, most if not all things you will do will require root/sudo access. So this advantage is much less relevant and just becomes extra typing everytime you want to do stuff... (Just means you need to put in your password twice).
2. As a general rule you wouldn't be wanting to leave a logged in terminal open anyway. In my personal practice I never locally log in anyway (always login via SSH session which automatically ends when you close it).
3. Whilst you could argue that this adds an extra layer of security, securtiy by obscurity is no real security at all. And in this day and age of the ability to easily and cheaply aquire use of 'super' computers (and/or many multiple computers - think AWS) with the complexity limitations on usernames (must start with a letter and generally can't include special characters) if someone is committed to breaking into your server then it doesn't significantly raise the bar...
4. ....

And a final thought is that if you are really serious about security then ideally you should set a highly complex string as your password and instead use a key pair to login. With consideration to point 3 above this significantly raises the bar to brute force attack to a point that IMO the 'extra' security gained by not using the root account becomes inconsequential.

Bottom line is that if you are concerned about it, then you can easily install sudo and create a limited user account and disable root access. That's the beauty of Linux! :)