I installed FO 1.7 and enabled the LDAP function with Windows 2003 AD. For those of you having problems with AD, these are the settings I used to get AD user login working, including all the users in any OU:
'binddn' => 'CN=admin_user,CN=Users,DC=domain_part1,DC=domain_part2',
'bindpw' => 'user_pw',
'port' => 3268,
'basedn' => 'DC=domain_part1,DC=domain_part2',
'host' => 'ldap://domain_ip:3268',
'password_encoding' => 'MD5',
'uid' => 'sAMAccountName'
There is one problem and one issue:
1- The problem is that logout ends with a white screen and does not even log out the user, so it keeps the user session alive even if you go to the main URL.
I am using LAMP turnkeylinux.org Ubuntu with Samba installed and registered in DNS and AD.
2- The issue is that the admin account is now an AD account, and for security reasons it should remain an FO account even if admin accounts are listed in the LDAP server. This is because AD admins are often not the same as FO admins, and in some cases they should not be the same at all. There is a solution for this: FO should check if the user is an admin and then verify the account locally or exit; otherwise continue the normal authentication check, whether LDAP is true or false.
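The "admins stay local, everyone else goes to LDAP" flow described in point 2, written out as an added PHP example (not FO's own code). The function names, the shape of `$localUsers` and the use of `password_hash()` hashes for local accounts are assumptions; the LDAP helper reads the same config keys as the array above.

```php
<?php
// Added example, not FO code. Local admin accounts are verified only against the FO
// user table and never reach AD, even if AD has a user with the same sAMAccountName.
function authenticate(string $uid, string $password, array $localUsers, callable $ldapBind): array
{
    // Assumed shape: $localUsers[uid] = ['hash' => password_hash(...), 'admin' => bool]
    $local = $localUsers[$uid] ?? null;

    if ($local !== null && $local['admin']) {
        if (password_verify($password, $local['hash'])) {
            return ['ok' => true, 'source' => 'local', 'admin' => true];
        }
        // Admin with wrong local password: stop here, do not fall through to LDAP.
        return ['ok' => false, 'source' => 'local', 'reason' => 'bad local admin credentials'];
    }

    // Non-admin (or unknown locally): normal LDAP check against AD.
    if ($ldapBind($uid, $password)) {
        return ['ok' => true, 'source' => 'ldap', 'admin' => false];
    }
    return ['ok' => false, 'source' => 'ldap', 'reason' => 'LDAP bind failed'];
}

// Builds the LDAP check from a config array using the keys shown in the post
// (host, binddn, bindpw, basedn, uid). Looks up the user's DN with the service
// account, then binds as that DN with the supplied password.
function ldapBindFactory(array $cfg): callable
{
    return function (string $uid, string $password) use ($cfg): bool {
        // An empty password would be an anonymous/unauthenticated bind on AD, which
        // succeeds without proving anything, so reject it before touching the server.
        if ($password === '') {
            return false;
        }
        $conn = ldap_connect($cfg['host']);
        if ($conn === false) {
            return false;
        }
        ldap_set_option($conn, LDAP_OPT_PROTOCOL_VERSION, 3);
        ldap_set_option($conn, LDAP_OPT_REFERRALS, 0); // avoid chasing GC referrals
        if (!@ldap_bind($conn, $cfg['binddn'], $cfg['bindpw'])) {
            return false;
        }
        $filter  = sprintf('(%s=%s)', $cfg['uid'], ldap_escape($uid, '', LDAP_ESCAPE_FILTER));
        $res     = @ldap_search($conn, $cfg['basedn'], $filter, ['dn']);
        $entries = $res ? ldap_get_entries($conn, $res) : ['count' => 0];
        $ok      = ($entries['count'] === 1) && @ldap_bind($conn, $entries[0]['dn'], $password);
        ldap_close($conn);
        return $ok;
    };
}
```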