I don't even know where to even post this quieson. Maybe some one could point me to the correct place.

Recently (Hours ago) our College I.T. department has demanded that our Department authenticate our workstation accounts to their active directory. And they claim that the two networks can't co-exist so we may have to drop Novell. I have been working with Novell for 16 years now and we have developed a very rich program using eDir. Recently we have been moving to SUSE oes2 and We now have 8 Suse Servers 1 NetWare and three windows 2008 R2 servers. All servers except for the Windows servers are on eDir, Using NSS volumes. One of the Windows Servers is running our ZCM 10. Which at the end of the semester I was planning to switch to Suse11 oes11. But is there any way that I can authenticate to the I.T. domain with ZCM and still keep our current structure.
Their goal is to have student password sync across campus. If ZCM (and how?) can't easily do this is there a single sign on product we can use? Would IDM be a good choice? I need to have this as non-intrusive to the I.T. department as possible.