You are using a version of the above with the //'s removed from the relevant lines aren't you? eg...
Have denoted my added comments between **'s
// 'auth_ldap' configuration settings
// Where is the LDAP server
// ** A space separated list of IP addresses works here for multiple servers. **
// ** LHS-SR-001.internal LHS-SR-002.internal etc should also work if you get correct **
// ** IP response when pinging those names at CLI via SSH **
$ldap_host = "10.x.x.1 10.x.x.2";
// If you have a non-standard LDAP port, you can define it here
$ldap_port = 389;
// If you do not want to use LDAP v3, change the following to false
$ldap_v3 = true;
// If you want to use TLS, change the following to true
$ldap_tls = false;
// LDAP base distinguish name
// See AUTHENTICATION for details of how check against multiple base dn's
$ldap_base_dn = "ou=Teaching Staff,ou=LHS,ou=Establishments,dc=lhs, dc=internal";
// Attribute within the base dn that contains the username
$ldap_user_attrib = "uid";
// If you need to search the directory to find the user's DN to bind
// with, set the following to the attribute that holds the user's
// "username". In Microsoft AD directories this is "sAMAccountName"
$ldap_dn_search_attrib = "sAMAccountName";
// If you need to bind as a particular user to do the search described
// above, specify the DN and password in the variables below
// ** EG: create an Admin level account in CC4, and use it's credentials below... **
// ** I've set it below for a username of ldapbind with password as QAZwsx~[0 **
$ldap_dn_search_dn = "cn=ldapbind,ou=System Administrators,ou=LHS,ou=Establishments,dc=lhs, dc=internal";
$ldap_dn_search_password = "QAZwsx~[0";
Alternative way is to secure a directory using .htaccess / LDAP, stick MRBS in there, and set it to remote authentication (I think)... Apache captures the user name and sets it as $_PHP_AUTH_USER, which MRBS then uses for userid for any entries booked during that session iirc. However, the OUs that Apache will let you use is restricted to a single branch (or I've never found a way to make it check multiple OUs). Sample .htaccess follows...
I do also have a PHP system however that ties to LDAP happily, can explore whatever OUs you specify, and can then be used to set the $_REMOTE_AUTH_USER, which can then pass THAT onto MRBS or any other PHP app that uses session-based authentication to integrate any other similar apps into a single-sign-on kinda setup over the web. S'clunky, but functional... haven't put it into use yet due to lack of time to carry on working on it.
Deny from All
AuthName "PLEASE USE YOUR REGULAR CURRICULUM NETWORK USERNAME AND PASSWORD"
AuthLDAPUrl "ldap://10.126.96.33 10.126.96.34/ou=Teaching Staff,ou=HOR,ou=Establishments,dc=Horbury,dc=Internal?cn"
# --Uncomment next line for Group authentication
# Require ldap-group cn=HOR ITtechTeam,ou=HOR,ou=Establishments,dc=Horbury,dc=Internal
Bear in mind the above examples use an administrative user account to bind to LDAP to allow it to perform searches... which means if your webserver is ever compromised, they potentially get an admin account on your network... I don't use the search functionality so have those disabled, pending time to set up a user that has full read-only access to the directory.