I just successfully implemented the LDAP binding to our company's Active Directory server. We noticed that there is a user_password stored in the SQL database and we need to know what is being stored for security compliance.

I haven't been able to find out how php_ldap.dll works but I know at the least we should have the SQL data directories locked down and permissions on the database set securely.

Any ideas?