If you set up a Cisco ACS server you can point it to your Active Directory by installing a remote agent on a domain controller.
We have two ACS servers set up pointing to our AD and have it configured to use Windows Authentication and have mapped groups so that users in AD that are member of different groups get different access, such as VPN_Group members can authenticate to our ASA using Radius, and members of a Cisco_Admin group can authenticate with level 15 priviledge to all routers and switches with TACACS, etc.