Is there a way to allow Zimbra users (i.e. who have accounts in the Zimbra mail servers), to browse the LDAP tree?

I can browse the LDAP tree using zimbra admin e.g.:

ldapsearch -D "uid=zimbra,cn=admins,cn=zimbra" -w ##### -x -H ldap://zimbraserver:389 "uid=test"

I can also enable anonymous browsing by enabling anonymous (running as zimbra: libexec/zmldapanon -e)

But I've tried "ldapsearch -D "uid=test,dc=people,dc=mydomain,dc=com" -w ##### -x -H ldap://zimbraserver:389 "uid=test" (mydomain.com is sanitised and not my real base DN of course)
ldap_bind: Invalid credentials (49)

So it looks like normal Zimbra users are unable to connect to the Zimbra LDAP tree? I just feel that having anonymous bind is not a good idea.