I will have to do some lab work to learn more about working in a mixed AD environment where the passwords are kept in a separate kerberos system.

A little background: Designing an Authentication System: A Dialogue in Four Scenes

Kerberos Consortium Kerberos Protocol Tutorial

Some info on how to actually make it work:

Configure Debian Linux box as Kerberos admin server and K MIT Kerberos installation on Debian

Active Directory and MIT Kerberos trusts (PIG: Practical Interoperability Guides)