use
IIS Integrated Authentication[
^] to handle the login process if you want to use AD credentials; you can't read passwords from AD, only confirm them
Use a single login to address the SQL server, have functionality determined by the
Page.User[
^] property to work out who's asking