Ldap access t oActive Directory problems - help!

[cheredenine]

I've got a thread running in the VLE section, but it think this problem has transcended that area's remit...

I'm trying to get Google Apps Directory Sync working and, in doing so, i've identified that for some reason our instance of Active Directory will not allow connections using the 'simple' or 'anonymous' LDAP protocols. I'm more interested in the 'simple' protocol and i'm flummoxed as AD should apparently allow such connections without problem. When i try to connect with an LDAP browser (Softerra LDAP Browser) i get the basic Root entries (Domain and Forest DNS zoens and configuration) when using the 'simple' protocol. If i use the same browser and tell it to use 'GSS Negotiate' as the mechanism it connects correctly and i see all the OUs i expect. This 'GSS' business appears to be a Kerberous compatible authentication method, which might explain why this works. If i use a MS browser (ldp.exe) for example i have no problems connecting at all.

So... I need to work out why the 'simple' protocol doesn't work as the Google sync application allows for only 'simple' or 'anonymous'. I've spent ages trying to work this out and am not getting very far. Anybody with any advice?

Just to flesh the story out a bit more, i've tried every combination of entering the account user name imaginable to no avail. The browser/sync tool will connect and bind under the 'simple' protocol, but will not authenticate sufficiently to draw out the OUs stored within AD..

Cheers in advance!

[cheredenine]

No takers, anyone?