as I am right informed you should do the following:
- Create an user account in the MS Server active directory
- Create a user account in the MikroTik "usermanager"
- And the the user is able to boot his laptop or Notebook
- He have to choose the method "Domain" login
- The MS Windows OS on the portable devices will inter store
the entire Domain login
- Then you must connect and login into the MikroTik device
- And after the will be established the portable Windows Clients
would be able to login the MS Server AD Domain.
If you are using non MS Operating Systems such as Windows
it would be perhaps not running like that!!!! Something like iPads from Apple.
So if this is the version of the entire situation is coming true
you should please looking at this Link here to Wikipedia, about
using a FreeRadius Server and integrating this into a MS active
directory it would be better owed to the circumstance that the Apple iOS
is able to hold X.509 Radius certificates by defaults!
Link: FreeRadius AD integration HOWTO
It is also doable to think about another version of this situation
FreeRadius + LDAP + AD integration
Good luck to you!