I think Kevin was referring to authentication being more flexible in the next release, not GAL.
We've had other people get GAL working with AD without any trouble. I'd also suggest trying external LDAP with your search string, maybe something really trivial that you know works, like:
which will search for the user-entered string in the cn/sn/gn attributes. Also, you should ask your AD admin if security policies allow for the query to be made un-authenticated. If not, you'll need to setup a service account in AD that has permission to perform the search and then enter it in the GAL wizard setup.
If you want to see the search string we use for AD, type in:
The line that starts with "ad:" is the one we use for AD, and the one that starts with "zimbra:" is the one we use for internal GAL searching.
/opt/zimbra/bin/zmprov gacf|grep zimbraGalLdapFilterDef
You can also use zmprov to do a GAL search:
Which can be more convenient for debugging then going through the UI.
/opt/zimbra/bin/zmprov sg zimbra.com roland