I am trying to authenticate OTRS agents against a remotely hosted LDAP server (based on Active Directory, I guess), but I can't do it.
We use this server as an Exchange/IMAP/LDAP server, so we log in with our email address.
Please note that I can successfully query the LDAP server with ldapsearch:
ldapsearch -LLL -x -H ldaps://addressbook.usa.net -b 'o=MYDOMAIN,ou=domains' -D 'mail=MY_EMAIL' -w 'MY_PASSWORD'
But when I try to put the same settings into Kernel/Config.pm, login to OTRS always fails:
$Self->{'AuthModule'} = 'Kernel::System::Auth::LDAP';
$Self->{'AuthModule::LDAP::Host'} = 'ldaps://addressbook.usa.net';
$Self->{'AuthModule::LDAP::BaseDN'} = 'o=MYDOMAIN,ou=domains';
$Self->{'AuthModule::LDAP::UID'} = 'mail';
$Self->{'AuthModule::LDAP::SearchUserDN'} = 'MY_EMAIL';
$Self->{'AuthModule::LDAP::SearchUserPw'} = 'MY_PASSWORD';
The error messages I get in the log are:
[Error][Kernel::System::Auth::LDAP::Auth][Line:187]: First bind failed! decode error 22 24 at /usr/lib/perl5/vendor_perl/5.8.8/Convert/ASN1/_decode.pm line 232.
[Error][Kernel::System::User::UserLookup][Line:746]: No UserID found for 'VALID_EMAIL'!
I tried multiple values for AuthModule::LDAP::UID ('uid', 'sAMAccountName', 'mail', 'cn'), nothing changes.
Quite strange is the fact that whatever I put as 'AuthModule::LDAP::BaseDN' (even fake data), I always obtain the same error message!
So it seems that BaseDN is wrong, even if it works perfectly with ldapsearch.
Does anyone have any idea if/how I could make it work?
Thanks
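An added example (not part of the original post and not OTRS code): a small Python check that lines up the ldapsearch options with the AuthModule::LDAP settings quoted above and lists every value that differs between the two. The mapping of -H/-b/-D/-w to Host/BaseDN/SearchUserDN/SearchUserPw is this example's assumption, and a reported difference is a point to check rather than a diagnosis of the logged error.

```python
import re
import shlex

# Constructed inputs: the command and settings exactly as posted above
# (MY_EMAIL, MY_PASSWORD and MYDOMAIN are the poster's own placeholders).
LDAPSEARCH = ("ldapsearch -LLL -x -H ldaps://addressbook.usa.net "
              "-b 'o=MYDOMAIN,ou=domains' -D 'mail=MY_EMAIL' -w 'MY_PASSWORD'")
CONFIG_PM = """
$Self->{'AuthModule'} = 'Kernel::System::Auth::LDAP';
$Self->{'AuthModule::LDAP::Host'} = 'ldaps://addressbook.usa.net';
$Self->{'AuthModule::LDAP::BaseDN'} = 'o=MYDOMAIN,ou=domains';
$Self->{'AuthModule::LDAP::UID'} = 'mail';
$Self->{'AuthModule::LDAP::SearchUserDN'} = 'MY_EMAIL';
$Self->{'AuthModule::LDAP::SearchUserPw'} = 'MY_PASSWORD';
"""

# Assumed mapping: ldapsearch option -> OTRS setting carrying the same value.
FLAG_TO_KEY = {"-H": "Host", "-b": "BaseDN",
               "-D": "SearchUserDN", "-w": "SearchUserPw"}


def parse_ldapsearch(cmd):
    """Return {OTRS key: value} for the mapped, value-taking options."""
    found = {}
    args = iter(shlex.split(cmd)[1:])
    for arg in args:
        if arg in FLAG_TO_KEY:
            # Consume the option's value so it is never mistaken for a flag.
            found[FLAG_TO_KEY[arg]] = next(args, None)
    return found


def parse_config(text):
    """Return {key: value} for single-quoted AuthModule::LDAP::* settings."""
    pattern = re.compile(
        r"\$Self->\{'AuthModule::LDAP::(\w+)'\}\s*=\s*'([^']*)'\s*;")
    return dict(pattern.findall(text))


def compare(cmd, config_text):
    """List (key, ldapsearch value, Config.pm value) where the two disagree."""
    cli, cfg = parse_ldapsearch(cmd), parse_config(config_text)
    return [(k, v, cfg.get(k)) for k, v in cli.items() if cfg.get(k) != v]


if __name__ == "__main__":
    for key, cli_val, cfg_val in compare(LDAPSEARCH, CONFIG_PM):
        if key == "SearchUserPw":  # never echo credentials
            cli_val = cfg_val = "<redacted>"
        print(f"{key}: ldapsearch={cli_val!r} Config.pm={cfg_val!r}")
```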
AuthModule::LDAP does not work, but ldapsearch yes
Moderator: crythias
Re: AuthModule::LDAP does not work, but ldapsearch yes
Check the links for LDAP/Active Directory on the right:
http://wiki.otrs.org/index.php?title=English_Area
OTRS 6.0.x (private/testing/public) on Linux with MySQL database.
Please edit your signature to include your OTRS version, Operating System, and database type.
Click Subscribe Topic below to get notifications. Consider amending your topic title to include [SOLVED] if it is so.
Need help? Before you ask
Re: AuthModule::LDAP does not work, but ldapsearch yes
Those links are quite "standard" LDAP configurations. I tried all of them as the first thing, but they do not work in my case.