I use active directory and forms authentication. You can use this with the default Account/Login.aspx. These are the links that I have used to set it up.
This link will show you how to log in with Active Directory. This link will show you how to set up an ADRoleProvider.
I prefer to use them both because the first link will show you how to get the AD groups of the logged in user, but it saves them to an authentication cookie. You will have to decrypt this cookie to see which group the ad user is in... this can be a hassle.
The 2nd link will show you have to use roles, which is much simpler.
You can have a simple if statement like..
if(User.IsUserInRole("SoftDev"))
{
//do something
}
or you use the roles in the web config like this..
<location path="Account/Whatever.aspx">
<system.web>
<authorization>
<allow roles="SoftDev"/>
<deny users="*" />
</authorization>
</system.web>
</location>
this will deny everyone to that page besides the group "SoftDev"
Both these links are meant if you are using Forms Authentication as there are other articles out there for using Windows Authentication. I hope this helps.