I think you may have misunderstood how question about AD authentication. I was trying to find out how the users log in to their computers (local account or AD).
So to answer your questions:
Regardless of client authentication type you need to download Spark (or another Jabber client of choice). If you use AD you can install the client via Group Policy (takes 2 steps), otherwise visit each computer to install.
Before you can configure the clients you must fully configure the server, and add clients to it unless you are using LDAP authentication (highly recommended).
The users can then login in to the server with their chat/LDAP username.
Server security is very granular. I have deployed our server as an employee only intranet server and therefore have disabled all self registration, guest, and server-to-server features. I have enabled gateways for select users (based on LDAP groups). I also groups pushed to the specific clients based on membership (this allows for easy broadcast messaging).
There are distict advantages to configuring the server to use LDAP authentication.
Centralized user/group management
Control over content of profiles of chat clients
Enforced password security
Potential for Single Sign On with chat client (Spark loads/signs in automatically with all my users at login)
Many more
If you want clarification on specific features/settings please let me know.
The server implements the XMPP protocol (aka Jabber) so any jabber client will work. If you want, the Spark client is developed by the same team and integrates nicely. You can either create new accounts on the server itself (go to http://localhost:9090 while on the server to configure it) or most jabber clients have the ability to register new accounts on a server.
Man that is like a serious cliffnotes version of my post. HAHA. Kind of like Hobbit takes overly powerful ring to be destroyed in lava pit from wense it was forged to describe the Trilogy.
If the server is setup to have the accounts local instead of LDAP there is no control over the profiles. The clients can add anything they wish, or nothing at all. That is why I listed profile control as an LDAP advantage. With LDAP the clients can currently only change their avatar.