I am testing a web-based application that authenticates user via single sign on using Windows/Active Directory credentials.
How should I script the login step of this application?
When recording such application you should get an authentication pop-up from NeoLoad during the recording.
That way you will be able to enter your Windows credential during the recording and make sure that it works fine. NeoLoad stores those credential at the server definition level so you can modify them if needed or use a variable to vary them during replaying.
If your authentication is a Kerberos authentication only (ie NTLM is not possible) then you will have to confgure NeoLoad for Kerberos authentication since it's disabled by default.
For more details, you should look at the NeoLoad documentation here