Thread:Project:Support desk/Single Sign On - LDAP Extension/reply (7)

If you are using IIS, SSO should already work, right? And then you would need something like Auth_remoteuser to get the logged in user.