This seems to be a reoccuring question with new installs:

I am using ZCS 4.5.6_GA_1044 on CentOS 5. The install went very well based on the instructions found here. At this time I am looking at integrating ZCS with my AD 2K3 domain. So far, it doesn't look good. For the GAL I chose external/AD. Despite the fact that the test at the end is reported as a success, it didn't return any results. I wound up using LDAP for the GAL and it appears to be working using these settings:

GAL mode:
External
Most results returned by GAL search:
100
Server type:
LDAP
LDAP filter:*
(&(|(cn=%s*)(sn=%s*)(gn=%s*)(mail=%s*)))
Autocomplete filter:
(|(cn=%s*)(sn=%s*)(gn=%s*)(mail=%s*))
LDAP search base:
dc=DOMAIN,dc=mydomain,dc=com
LDAP URL:
ldap://adc1.DOMAIN.mydomain.com:3268
ldap://adc2.DOMAIN.mydomain.com:3268
Bind DN:
DOMAIN\ldapuser

Now for authentication, I can't get anything to work, AD or LDAP. I receive successful messages using the following settings, but authentication at the login screen still fails:

Authentication mechanism:
External Active Directory
LDAP bind DN template:
%u@DOMAIN
LDAP URL:
ldap://adc1.DOMAIN.mydomain.com:3268
ldap://adc2.DOMAIN.mydomain.com:3268

The documentation is vague on exactly how to get this working. How do the accounts actually get created on the ZCS server? Once you set up AD auth, is is automatic? Or do you have to manually configure users in order to get auth to work?