With the Windows Server 2003 family version RC1, only authenticated users may initiate an LDAP request against Windows Server 2003-based domain controllers. You can override this new default behavior by changing the seventh character of the dsHeuristics attribute on the DN path:
CN=Directory Service,CN=Windows NT,CN=Services,CN=Configuration,Root domain in forest
I have tried adsiedit and ldp, but cannot find the above string. Can someone provide a bit more detail? I am trying to enable anonymous ldap queries.