With Microsoft having released their OpenSSH port for Windows Server, and you want to support ssh for your users, it's recommended to enable ssh key authentication rather than a username and password combination. If you don't want to add a .ssh/auhtorized_keys
file for all your users (daunting task with tens / hundreds / thousands of servers), you can easily extend your Active Directory schema to store a public key.
Storing SSH public keys in Active Directory gives you a single location where you can manage keys instead of on all those tens / hundreds / thousands of servers. Win-win!
Here is how to store user SSH keys in Active Directory for SSH authentication.