Hello ABU,
You can achieve this requirement using the SAP Single Sign-On product (license required). You can implement SAML authentication and you can configure MS AD authentication to the SAML Identity Provider. Using the SAP Single Sign-On product you can also implement "one login" and your users will authenticate first to the MS Domain in the morning and then they will have SSO to SAP Fiori and no additional authentication will be necessary. SAP Single Sign-On product offers also Mobile SSO solution based on time-based one-time passwords and this solution is also available for the native mobile application SAP Fiori Client.
Regards,
Donka Dimitrova