have a look at the User Guide, Page 123 describes the setup.
I've setup a few AD integrations without much trouble - the root path isn't strictly needed.
Bare in mind that after setting up LDAP it will take some time before all groups are pulled correctly - When you then go to the Roles part of the Permissions Settings you should be able to set whether the Role in question is via LDAP etc
Hope this helps.
We already had the LDAP configured as the instructions state, and were successful in reading from LDAP to see the Groups we wanted to add roles to, and did so.
But the users that are members of those groups can't authenticate.
We did the configuration as defined on pg 123, as well as page 115 for the roles.