AD (Active Directory) is a directory service provider (a system that provides authentication, directory, policy, and other services in a Windows environment).
LDAP (Lightweight Directory Access Protocol) is a protocol for querying and modifying items in directory service providers like AD, which supports a form of LDAP.
In other words, you use LDAP for retrieving information from AD.
Now, if you need to authenticate intranet users against a Windows domain (AD), then you need to read about Integrated Windows Authentication. To enable it, you typically need to:
- set up IIS for Integrated Windows Authentication
- set up the ASP.NET application

and optionally enable Integrated Windows Authentication in IE. Read more here.
Once done, the user will be automatically logged in without entering a login name or password. You will be able to get the user's identity (User.Identity.Name) and other properties from AD.
This is a secure form of authentication which you can see when using SharePoint, Outlook Web Access or similar intranet applications.
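
The lookup described above, as an added example that is not part of the original answer: it takes the Windows identity IIS has already authenticated and reads that user's properties from AD. The class and member names (`AdUserLookup`, `AdUserInfo`, `GetCurrentUser`) are assumptions, and it assumes Windows Authentication is enabled and Anonymous Authentication disabled in IIS, with `<authentication mode="Windows" />` in web.config.

```csharp
using System;
using System.DirectoryServices.AccountManagement;
using System.Linq;
using System.Security.Principal;
using System.Web;

// Hypothetical helper; names are assumptions, not from the original answer.
public static class AdUserLookup
{
    public sealed class AdUserInfo
    {
        public string Account;      // DOMAIN\user as reported by IIS
        public string DisplayName;
        public string Email;
        public string[] Groups;     // sAMAccountName of each security group
    }

    public static AdUserInfo GetCurrentUser(HttpContext context)
    {
        // Fail closed: if anonymous access was left enabled in IIS, the
        // identity is unauthenticated and Name is empty.
        var identity = context.User == null ? null : context.User.Identity as WindowsIdentity;
        if (identity == null || !identity.IsAuthenticated || identity.User == null)
            throw new UnauthorizedAccessException("Request was not authenticated by Windows.");

        // The directory query runs as the application pool identity, which
        // needs read access to AD. Looking up by SID avoids parsing or
        // trusting the DOMAIN\user string.
        using (var domain = new PrincipalContext(ContextType.Domain))
        using (var user = UserPrincipal.FindByIdentity(domain, IdentityType.Sid, identity.User.Value))
        {
            if (user == null)
                throw new UnauthorizedAccessException("Authenticated account not found in this domain.");

            return new AdUserInfo
            {
                Account = identity.Name,
                DisplayName = user.DisplayName,
                Email = user.EmailAddress,
                // Includes nested security groups; use these for authorization
                // decisions rather than anything supplied by the client.
                Groups = user.GetAuthorizationGroups()
                             .Select(g => g.SamAccountName)
                             .ToArray()
            };
        }
    }
}
```

Call it as `AdUserLookup.GetCurrentUser(HttpContext.Current)` from a page or handler; the project needs references to `System.DirectoryServices.AccountManagement` and `System.Web`.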