We've got a fairly substantial student-run project at my med school and LDAP is a mission-critical component. We've been prototyping for months and LDAP has been a constant source of headaches. Over that time I've seen jauthtools documentation improve substantially and today I finally sat down with one of the university's webdevs in his office and confirmed every character of every parameter. And now it works. In retrospect, jauthtools was never the weak link, but many miscommunications with at least four different developers over months of intermittent emails and phone conversations. I strongly recommend anyone new to LDAP find your network's ldap admin, sit in the room with them and compare the Joomla LDAP authentication plugin management screen to the configuration of an LDAP service they know is working. An known good httpd.conf file should have what you need for at least HTTP SSO.

This extension works as advertised. Worked great for frontend logins out of box - the developer was even nice enough to get it working on the back end administrator for me as well!

We are looking to use Joomla in education K - 12 and networks use mostly Novell's eDirectory, but there a some Windows 2003 AD networks as well. The LDAP auth system works very well, when all users are members of the same OU, but most schools keep there users for maintenance reasons in different OUs. When using the LDAP auth tools and configuring User DN: 'The [username] keyword is dynamically replaced by the user-provided login, so an example string is: uid=[username], dc=my-domain, dc=com. Several strings can be used, separated by semicolons.'
When configuring the string as: cn=[username],ou=staff,o=org;cn=[username],ou=students,o=org the search is shown as cn=name,ou=staff,o=org,ou=students,o=org which then has to fail. I have written several LDAP authentication mechanisms in PHP for AD and eDirectory. I am currently looking at Sam's code and see where it can be adjusted to provide that authentication where users are members of different OUs.

I'm using it on my 2003 Active Directory corporate intranet site and I finally got it to work! Short of a total lack of serious documentation and no means to easily troubleshoot, it does it's job when it's configured properly. (a "Test Query" button on the Bot config screen would be GREAT). You MUST download the latest files.
It's also very picky about it's queries - you need to be a perfect match (no extra spaces, etc). I actually used Ethereal (a packet sniffer) to monitor the LDAP activity to figure out all the details of how it worked. Between Ethereal and looking at the code itself, it started to make sense.

I'm hosting on IIS, with integrated authentication on the whole site. I'm using Samuel's ldap bot, ldap sync bot, and the HTTP Single Signon. My users love it because they don't even see a login box - and yet it populates all the usual user fields and keeps them in sync with AD.

I'm using Community Builder and find that I still have to "approve" the user even the the auto-approve setting is enabled (at least so they can see their profile) but normal "registered" user functionality is there immediately.
If you have patience - it's a great tool.

You will need to enable legacy mode to install it. Once installed it will show up in plugins.

It's not recognized as a component, mambot or module.