More specifically I'm looking to get single-sign-on to work so that people on the rest of the domain can connect to this box over ssh without having to enter another password.
Disclaimer: I'm a complete noob when it comes to all things Windows.
If you require Kerberos authentication with Active Directory, this white paper should help you get this configured; it's a few years old however: http://port25.technet.com/Videos/research/OpenSSH%20on%20Linux%20using%20Windows.pdf
Probably the safest (and arguably easiest) way to achieve this is by using certificate keys with SSH instead of passwords -- to the user it'll be seamless, but you also have a bit more control over revoking certain certificates (with proper PKI setup) if you're dealing with a large number of users. There are a few tutorials out there to do this but using PuTTY is pretty straightforward, but be prepared to sit down at each workstation to do this (I don't know if there's a way to deploy this automatically because Windows doesn't have anything like /home/foo/.ssh/id_rsa to make it easy for apps to know where the private key store is; maybe with Cygwin this is easier? Not sure).
If you just want users to be able to SSH in with the same credentials that they use on their Windows computers, you can configure the server to authenticate against Active Directory so all of their credentials can stay in one place. I did this once a while back when we were playing with Ubuntu and it seemed to work well. The Ubuntu help site has a howto article explaining how to hook authentication up to Active Directory if that would work for you.
Note: This assumes your computers are part of a domain and you use centralized account management.