I can tell you we haven't tested against anything other than Active Directory, which means there COULD be some identifiers that we're looking for that aren't configurable and are unique for AD, or were the best choice for AD that might not be the best choice for the rest of the known LDAP universe.
The implementation, however, is LDAP-based, not any kind of Windows local SSO since we're a virtual appliance.
