Well considering that I refuse to force my users to use IE and I wouldn't dream of using .NET, I'm fine with pulling that info out of a LDAP table based on the login that they use.

Plus, you're also limiting your users to connecting to your application from a Windows, company-specific workstation. That's kind of a crappy way to handle things, IMHO.