Couple things I notice right away:
Your base search is just o=mydepartment, make sure you have the entire path ie...ou=people,dc=company,dc=com
For external authentication, try this filter
uid=%u
or
cn=%u(depending on how your ldap is setup)...also no need for the parenthesis if just 1 check for the filter
For your GAL question, you can definitely get more than just cn data....here's my GAL filter - (|(uid=*%s*)(sn=*%s*)(givenName=*%s*)) ..of course this also depends on your LDAP config. |