SQL Server may not be the best place to do that. I would probably use VBScript or PowerShell. You can still reference SQL Server if that's where you need to check before adding/removing. You are also faced with whether the security to manage the group is set up to allow the credentials used to perform the operation to actually do the change.
In my humble opinion there is no need to do this. Potentially you could use a client that accesses SQL data to make AD changes too but making changes with TSQL is not going to be a good idea. I'm not saying it isnt possible - you could connect to an LDAP server with OPENQUERY but to reliably make the changes and so on would not be something I'd choose to do in my environment.