I need a web-based, SQL-backended application that integrates with MS Active Directory and provides single sign-in authentication to users accessing it. The application needs 3 main functions:
1. A front-end for users to request access to resources which, in-turn are based on AD security groups.
2. A back-end administrative site to add resources and resource managers to authorize requests based on active directory user accounts/emails.
3. An automated back-end system that syncs information in active directory to the application and creates periodic reviews of the users granted access to each resource.