sorry I can only provide you with some of the plugin code and some helpful tips. The framework my plugin is built on is proprietary to my company and protected by a non disclosure agreement.
the framework has an ad_user class that makes use of the opensource adLDAP class.
configure adldap to use your AD domain, controller, and some non privileged user that can browse the directory. If you will be using this to communicate across the internet I strongly advise you to set up your domain controller to support LDAPS (ldap over ssl). If you are using LDAPS you will need to set that up in the adldap file as well.
so the user class I wrote essentially just authenticates them using adldap then maps their ID email, groups, etc to class properties. use the authenticate(user, password) method to verify the username/password then use the user_info(username) mehtod to lookup all the user details such as email address, username, etc. the user_info method returns an associative array with many useful elements most importantly the 'memberof' element which itself is an array of the groups the user belongs to.
each group entry is the DN of the AD group so all I did was explode the comma separated values into an array and everything that had CN=Builtin I added the group name to the users groups and everything that was OU=Email Groups I threw into the users email groups (obviously optional). I ignore everything else.
I combined that user class with an ACL class and a webpage class that verifies the user has permission based on the ACL, but you can get by just fine without those.
simply set up a myDBR SSO plugin like in the documentation and create your ad_user object using a supplied username and password (presumably from an html form) then if the user is authenticated loop through the groups to build your mydbr groups. I use a switch statement to filter out only the AD groups I wish to use as well as to apply the mydbr admin flag to the admin groups.
Everything should be pretty straight forward. I'll help you as much as I can without breaking my agreement. I am assuming you are a php programmer of course.