Hi,
There are several ways to do the same.
As you required within your organization so you can use LDAP (AD)
How to use AD :
http://msdn.microsoft.com/en-us/library/ms180890(v=vs.80).aspx[
^]
If you try to use it global purpose then this will not work you can issue some certificate using which you may identify user and apply policy according to that, as certificate is a physical file so you will just sent that certificate to particular user she/he will authenticate them self using that.
Thanks
Suvabrata