apache2 + ldap (AD) working but it's not

[vortmax]

I'm attempting to authorize apache against an Active Directory server. I've been fighting with it all day and have it working, but not really.

Here is my conf.d entry for the site:

ScriptAlias /nagios/cgi-bin "/usr/local/nagios/sbin"

<Directory "/usr/local/nagios/sbin">
#  SSLRequireSSL
   Options ExecCGI
   AllowOverride None
   Order allow,deny 
   Allow from all
   AuthName "Nagios Access"
   AuthType Basic
   AuthBasicProvider ldap
   AuthLDAPURL "ldap://adc.*******.net/OU=****** Users,dc=******,dc=net?sAMAccountName?sub?"
  AuthLDAPBindDN "helpdesk@******.net"
  AuthLDAPBindPassword *******
  Require valid-user
</Directory>

Alias /nagios "/usr/local/nagios/share"

<Directory "/usr/local/nagios/share">
#  SSLRequireSSL
   Options ExecCGI
   AllowOverride None
   Order allow,deny
   Allow from all
   AuthName "Nagios Access"
   AuthType Basic
   AuthBasicProvider ldap
   AuthLDAPURL "ldap://adc.*****.net/OU=***** Users,dc=*****,dc=net?sAMAccountName?sub?"
   AuthLDAPBindDN "helpdesk@****.net"
   AuthLDAPBindPassword *****
   Require valid-user
</Directory>

I know my LDAPURL, user, password and binding works, as I've tried it on the command line with ldapsearch

The interesting thing is when I attempt to access the site, I get the user/pass dialog and it asks for my username and pass 3 times before exiting to the 'Authorization Required' page. However, no errors are thrown in the logs. If I enter a bad username or a bad password, then I get the expected error in the log.

So it's as if LDAP authentication is working, but apache continues to block access. Is there something I'm missing here?