A couple things about the LDAP authentication that I believe need documented somewhere. I understand that the documentation of how to write LDAP filters are outside the scope of this project, but I believe the first issue to be a security concern. And the second issue is a result of trying to fix the first.
First, if you follow the current documentation to authenticate against an Active Directory, disabled/suspended users will be able to log into MRBS. You need to modify the $ldap_filter configuration variable to include "(!(userAccountControl:1.2.840.1135126.96.36.1993:=2))" to correctly filter disabled users.
Second, typically an ldap filter will be opened and closed with parentheses. These parens apparently are already taken into account elsewhere in the MRBS code, as you should NOT include them in the $ldap_filter configuration variable and supplying them causes MRBS to fail to authenticate against the AD (and probably other LDAP installations as well).
So, combining these two points, an example of a proper $ldap_filter variable would be:
$ldap_filter = "&(!(userAccountControl:1.2.840.1135188.8.131.523:=2))(memberof=cn=whatever,ou=whatever,dc=example,dc=com)";
(no spaces or line breaks between the sets of parentheses)