With this option, Jenkins authenticates the username and the password through Active Directory.

Jenkins recognizes all the groups in Active Directory that the user belongs to, so you can use those to make authorization decisions (for example, you can choose the matrix-based security as the authorization strategy and perhaps allow "Domain Admins" to administer Jenkins.)

If you have trouble setting up the AD authentication, set authorization to "Anyone can do anything", and use this authentication test tool to diagnose the problem. (this tool can be still used with more strict authorization scheme, as long as you have the admin access to Jenkins yourself.)