Here's my notes from the conference this past weekend. the guy giving the 'single sign-on' integration talk made it look easy.. I haven't tried yet so I can't confirm
Setup Active Directory (err of course) he works for an oakland university so that's the example used..
realm = ldap.secs.oakland.edu
binddn cn=LDAP Query user, cn=users, dc=secs, dc=oakland, dc=edu
default_realm = secs.oakland.edu
I do recall he specified here that ldap needs to be first in this list..
He also commented that when using the kerberized putty, once you had authenticated on the machine you could ssh to any of hte related boxes using putty and not have to authenticate since that was taken care of by Kerberos at this point..
Google for "Morons Guide to Kerberos" - he said this short article will give you a quick grasp of kerberos..
And that's pretty much all of the config he shared.. makes it look really simple. :/
Hope something here helps you out.. I'll be trying this out in a couple days myself..