Hi Jeffrey,
I have my hand in a little of the Moodle system adminstration in my school but Active Directory is what I look after. I have a couple of thoughts that may help you.
When you say the AD was configured to use both sAMAccountName and the email address, I assume technically they are using the UPN (UserPrincipalName) and set that to the email address. AD has this capability built in. At my school, no one knows they can log in with something that looks like an email address but it does work. Assuming this is the case, is it possible for the younger children to have their UPN set to something simpler? Eg Fred@school? It is straight forward to do if someone knows a scripting language like vb script (I assume PowerShell could do it easy too). The only requirement is that the UPN is unique across the AD forrest but a sAMAccountName only needs to be unique across a domain.
My other thought is the way that we are likely to go to solve another problem - I have staff/students logging in via AD but parents are authenticated via the External Database method. Our plan is to bring everyone on to the AD without changing their Moodle login names. My solution to this problem is to create a new attribute in the AD schema and attach it to the user object. For staff/students I will set it to be the same as sAMAccountName but for parents, we will set it to be their email address. Moodle will reference this new attribute and the end users won't know any difference (except that parents will have a one time password reset requirement since I can extract Moodle password and put it into Moodle).
Depending on your access to the Active Directory (or the access of people who are nice to you), the second method may not be possible because you need to be a Schema Admin to make those changes. My first suggestion only requires permissions over the user (eg Account Operator or similar) to change the UPN.
Regards,
David