how to setup SQL sever security for a distributed application

Hi,
I tried googling but couldn't find an answer so thought of posting it here.

I have an application (written in VB.Net) which sits on N number of desktops within a domain. (mycompany.local)

I have SQL sever 2008 running on the Server (Windows Server 2003) and currently I'm using a SQL Server username and password to make the connection.

I don't want to use a explicit password and want to use the windows authhentication instead. (since it is more secure to do so.)
How do i go about doing this?

So far I've identified 2 ways of doing it.

1. Make a user group on Active Directory called my*****ers and put all the users who will be using my application into it, then using that group to create a login in SQL Server.

2. Create a new user account MyApp on Active Directory and create a login for that in SQL Sever. Programically get the credentials from active directory for that username everytime the application starts and use it to log into SQL sever.[Don't know if this is possible but looks the better solution]

Please post some comments here and possibly some code for my 2nd proposed solution if possible.

I want to make the Windows authentication system a layer outside my Application security so that a hacker can't access the SQL Server using my app from outside the domian and;

also for an employee/user within the domain not to be able to just open SQL Management Studio and modify data in the tables.

Moved To Database Development

ding any suggetions..???