• Sorry pdanes, but using SQL Server as a conduit to AD, especially via xp_logininfo, to control what a user can see or do within an application seems like a bad design to me. Authentication and authorization for an application are traditionally handled within the application tier, not offloaded to the data tier. Just my two cents. If you're coding your application in .NET there are some very robust classes built into the Framework that make it very easy to do what you're trying to do directly from within your application.

    If you're in love with the idea of tucking all the AD lookups into your data tier then consider a Linked Server configured to connect to and issue queries against AD. Getting a user's group memberships, or a group's members list, is trivial using a Linked Server.

    There are no special teachers of virtue, because virtue is taught by the whole community.
    --Plato
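
The linked-server lookup mentioned in the post above, sketched in T-SQL as an added example that is not part of the original post or the poster's own code. The linked server name `ADSI`, the domain `example.com`, the group `AppReaders` and the user DN are assumed placeholders.

```sql
-- One-time setup (sysadmin): linked server over the OLE DB provider
-- for Directory Services. The name ADSI is an assumption.
EXEC sp_addlinkedserver
     @server     = N'ADSI',
     @srvproduct = N'Active Directory Services',
     @provider   = N'ADSDSOObject',
     @datasrc    = N'adsdatasource';

-- Query AD as the calling Windows login. For remote clients this needs
-- Kerberos delegation; the alternative is mapping to a dedicated
-- read-only directory account rather than a privileged one.
EXEC sp_addlinkedsrvlogin
     @rmtsrvname = N'ADSI',
     @useself    = N'True';

-- Direct members of one group (placeholder DNs).
SELECT sAMAccountName, displayName
FROM OPENQUERY(ADSI,
     'SELECT displayName, sAMAccountName
      FROM ''LDAP://DC=example,DC=com''
      WHERE objectCategory = ''person''
        AND objectClass = ''user''
        AND memberOf = ''CN=AppReaders,OU=Groups,DC=example,DC=com''');

-- Groups one user is a direct member of (placeholder DNs).
SELECT cn, distinguishedName
FROM OPENQUERY(ADSI,
     'SELECT distinguishedName, cn
      FROM ''LDAP://DC=example,DC=com''
      WHERE objectCategory = ''group''
        AND member = ''CN=Jane Doe,OU=Staff,DC=example,DC=com''');

-- Caveats when using these results for authorization:
--  * Only direct membership is matched; nested groups and the user's
--    primary group are not reflected in member/memberOf.
--  * OPENQUERY accepts only a literal query string. Building it with
--    dynamic SQL from user-supplied names creates an injection risk,
--    so validate or allow-list any value before concatenating it.
--  * The directory caps results per query (1000 rows by default), so
--    a large group can come back silently truncated.
```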