wiki.getshifting.com

--- Sjoerd Hooft's InFormation Technology ---


Enable Anonymous LDAP Bind in Active Directory

Summary: I can't think of a reason why you'd want to do this nowadays, but around 2014/2015 I was dealing with incompatibility between Unix and Windows based systems. So, if you still have some ancient system and you need it, here it is. Enable Anonymous LDAP bind in Active Directory, probably 2008 or 2012.
Date: Around 2014


Enable Anonymous LDAP Bind in Active Directory

If you have to enable anonymous binds in AD, you can do so like this:

  • Start Adsiedit.msc
  • Go to Action and select 'Connect To'
  • Select the 'Select a well known Naming Context' radio button and select Configuration from the drop down menu.
  • Expand the Configuration container, then Services and then Windows NT.
  • Right-click 'CN=Directory Service' and select Properties.
  • Double-click the dSHeuristics attribute.
  • If the value is currently <Not Set>, set it to 0000002. If it isn't currently blank, you must change the 7th character of the string to 2 (pad with zeros if the existing string is shorter than 7 characters). For example, if it was 001, 0010002 should be your new value. Click OK.
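The dSHeuristics edit from the steps above as an added helper in Python (not part of the original page): it computes the new attribute value from whatever is currently set, covering the <Not Set>, shorter-than-7 and longer-than-7 cases, and also gives an audit check and a revert for the same position so you can confirm or undo the change later. The attribute name and the 7th-character rule come from the page; the function names are my own.

```python
"""Compute, audit and revert the dSHeuristics change for anonymous LDAP operations."""
from typing import Optional

# 1-based position of the character that controls anonymous LDAP operations.
# In MS-ADTS this position is named fLDAPBlockAnonOps; '2' allows anonymous
# operations beyond rootDSE, anything else keeps the default block.
ANON_OPS_POS = 7
ANON_OPS_ALLOW = "2"


def _normalise(current: Optional[str]) -> str:
    """Treat <Not Set> (None) and whitespace-only values as an empty string."""
    return (current or "").strip()


def enable_anonymous_ops(current: Optional[str]) -> str:
    """Return the dSHeuristics value with the 7th character set to '2'.

    A value shorter than 7 characters is right-padded with '0' first, so the
    other heuristics keep their meaning; characters after the 7th are untouched.
    """
    chars = list(_normalise(current).ljust(ANON_OPS_POS, "0"))
    chars[ANON_OPS_POS - 1] = ANON_OPS_ALLOW
    return "".join(chars)


def anonymous_ops_enabled(current: Optional[str]) -> bool:
    """Audit check: True if this dSHeuristics value allows anonymous LDAP operations."""
    value = _normalise(current)
    return len(value) >= ANON_OPS_POS and value[ANON_OPS_POS - 1] == ANON_OPS_ALLOW


def disable_anonymous_ops(current: Optional[str]) -> str:
    """Revert: set the 7th character back to '0' and drop trailing zeros.

    An empty result means the attribute can be cleared back to <Not Set>.
    """
    value = _normalise(current)
    if len(value) < ANON_OPS_POS:
        return value.rstrip("0")
    chars = list(value)
    chars[ANON_OPS_POS - 1] = "0"
    return "".join(chars).rstrip("0")


if __name__ == "__main__":
    # Constructed sample values, including the two cases from the steps above.
    for sample in (None, "001", "0000002", "00100021"):
        print(f"{sample!r:12} -> enable: {enable_anonymous_ops(sample)!r:12} "
              f"allows anon: {anonymous_ops_enabled(sample)}")
```

Paste the returned string into the dSHeuristics field in ADSI Edit, or pass it to `Set-ADObject -Replace @{dSHeuristics=...}` on the CN=Directory Service object; run `anonymous_ops_enabled` over the live value when auditing which forests still carry this setting.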

Anything that NT AUTHORITY\ANONYMOUS LOGON or Everyone has rights to can now be read through an anonymous bind. To set this, go into 'Active Directory Users and Computers', enable Advanced features under 'View' and navigate to the object you want to expose. Go to the properties, security tab and add 'ANONYMOUS LOGON' to the list of 'group or user names'. Read access is granted by default.
