The Citadel system offers several different authentication modes, which may be selected during your initial installation. Once you select a mode you should not attempt to change it. Doing so could render your user accounts inaccessible.
The authentication modes available are:
This is the most common type of installation. In this mode, Citadel will maintain its own user database. This is also known in some other circles as "black box" authentication.
Self-contained authentication is the mode most sites will want to use. It is by far the easiest because it requires zero maintenance and zero external configuration.
In this mode, Citadel will attempt to authenticate logins using the user database of the underlying host system (Unix or Linux). On a standalone server, this would mean that it uses the user names and passwords stored in the /etc/passwd file. If you are using a customized PAM (Pluggable Authentication Modules) configuration, Citadel can make use of that as well.
In this mode, Citadel will attempt to authenticate logins using an external LDAP directory. The directory schema is expected to conform to the RFC 2307 schema for storing POSIX accounts in LDAP. If your directory is based on OpenLDAP or some other open source product, this is probably the case.
If you select this mode you will be prompted for the host name or IP address and port number of your LDAP server, along with the base DN, bind DN, and bind password. If you don't know what these mean, then you probably should not be selecting this authentication mode.
This mode also uses LDAP, but is compatible with Microsoft Active Directory, which uses a different schema. You will need the host name or IP address and port number of your domain controller, along with the base DN, bind DN, and bind password.
Unless you understand exactly how the external authentication modes work, you should choose self-contained authentication mode.