I tend to agree and with Andy and Brian, but I am confused. It's been awhile since I worked with DSNs (too much of a admin pain), but as I understand it:
The DSN merely points the user in the right direction. There are no credentials stored in the DSN. If you choose NT Auth, then at connection time, the current credentials of the user are passed to the server. If they are not valid, then I assume you get a login invalid (or perhaps a dialog).
If you choose SQL auth, then the U/P must be sent at login time or a dialog is presented. Either way, for the web app, you must use SQL auth if you are going to allow users to enter U/Pwd and maintain their same permissions. If you use NT Auth, the app will always connect using the credentials of the IIS service.
Now, for AD, I am not sure what updates have been made to DSNs to handle this. My guess is they haven't done much, or they assume that the workstation must be part of the domain.
Not sure what to tell you, but my recommendation is to go with SQL Auth if you are integrating two apps.
Good luck and we'd appreciate hearing back from you if you learn something different.