From LDAP test-thread:
For greater compatibility, can STARTTLS be implemented? It would save a lot of time mucking about with certificates when using MS AD. This is running perfectly with a Wordpress plugin I'm using. Only had to enter the DC IP, Base DN and credentials and up and running within a minute.