ODBC Connections can be defined to use Integrated Windows Authentication. To simplify adminstration, individual users can then be added to Active Directory group(s) and those groups can be assigned SQL Server Roles. More info here:

http://blogs.msdn.com/b/sqlsecurity/archive/2011/08/25/database-engine-permission-basics.aspx