В итоге имеем конфигурацию:
AuthName "Restricted access"
AuthType Basic
AuthLDAPEnabled on
AuthzLDAPAuthoritative off
AuthLDAPURL "ldap://server.local:3268/DC=SERVER,DC=LOCAL?sAMAccountName?sub"
AuthLDAPBindDN "secretname@server.local"
AuthLDAPBindPassword "Password"
Require group CN=neededgroup,OU=Group,DC=Server,DC=Local