You mean you want to host a web-based application on your own servers at school? I'd say put your web server in a DMZ (i.e. with a firewall blocking any connections from being opened from the web server to any of your internal servers) and periodically (10 minutes? Half an hour?) replicate your AD from your domain controller over to your webserver (or replicate to an LDAP server on your web server, whatever authentication your web server wants to use). No need to replicate all the information accross, either, just username and password information. Someone who knows more about this than I might be able to point out some way of getting Active Directory to replicate when username/password information is changed rather than periodically.
Does anyone host to the external world and what security measures do you have in place? Is opening port 80 strong enough with AD authentication into the website?