This was done for one company; you can take the idea as a basis.
There was a form for the administrator and mailing address; a service periodically took this data and registered the users in AD. Accordingly, these users appeared on the SharePoint portal.
In principle, MS is a turnkey solution for authentication in the corporate network. You may want to consider
Another question: do you need one way or round trip?