Overview#There are some setup items required to be able to set the password for Microsoft Active Directory from Java. Microsoft Active Directory uses the UnicodePwd instead of the more common userPassword unless you have Enable UserPassword in Microsoft Active Directory.
Encryption Required#LDAP encryption
All Microsoft Active Directory Domain Controllers automatically enroll for domain controller certificate and utilize it for secure LDAP communications if Active Directory integrated Microsoft Certificate Server is deployed within the AD Forest. As long as you deployed Microsoft Certificate Server in Active Directory integrated mode, then you don't need to do anything else on Microsoft Active Directory, all Domain Controllers will use SSL on port 636.