Although OWIN have a package "Microsoft.Owin.Security.ActiveDirectory" seems can support AD login, but it looks like made for ADFS, and leak document on MSDN so I dunno how to use it on basic AD login, so I decide find other way to implement AD login to MVC.
After long long time search, this post "OWIN with LDAP Authentication" help me a lot, my solution basic on it and add some other feature.