I agree that you'd be better off thoroughly testing some scripts to do the migration. However, there's no reason why you can't (AFAIK) just have ssh/sftp authenticating against the AD. Just set up PAM to use kerberos, and point it to the AD server. You may well have to do a bit of messing around with usernames, but it should work (famous last words
). Of course, since you'd be using two different sets of passwords (samba and AD), they could get out of sync, but as a temporary measure it might be good enough until you properly convert to AD throughout.
Good luck.
Out of interest, why the rush? This sort of thing really does require thorough testing before 'going live'.