 there is and there isn't
We have just been setting this today:
install zimbra using all the defaults, then;
in the admin control panel select "Domains"
and configure GAL (Global Address List)
and Authentication, and set both to external/AD
configure GAL to use external only (otherwise you will end up with duplicate users).
The ldap server is the IP of one of your AD servers.
you will then use the search filter found on page 31 and 32 of the admin guide, add an extra ")" at the end of this filter because of a typo in the manual.
At the bottom change the DC to match your AD domain: eg: DC=domain,DC=local
Create a user on your AD, that you will not use, eg: zimbrauser, and with a password, use this account to BIND to active directory.
This will pull in the user list.
Configure "Authentication" in the same way.
WARNING: if you do this, you will also need to enable fallback authentication, otherwise the admin user will FAIL
on the server, su to zimbra user
and use this command:
zmprov md zimbraAuthFallbackToLocal TRUE
(replacing domain with the email domain you are using  |