Datapower Active Directory RBM Authentication

Below is a good resource on setting up Active Directory for logging in to a Datapower appliance:

http://asimsaddal.sys-con.com/node/1103557/mobile

Below is my version of setting up Active Directory for Datapower, and it works:

Step 1: Navigate to Administration -> RBM Settings

Step 2: Make sure your Main page looks like the following:

Step 3: Navigate to the Authentication Tab

Specify your Active Directory Server Host, Port Number (default 389) and LDAP version, and enable Search LDAP for DN.

Your Bind DN will look something like:

CN=,OU=Application Specific Resources,OU=Enterprise Configuration & Resources,DC=,DC=,DC=

Note: Set Local Login as Fallback so that you can still log in to your appliance when LDAP fails.

Your LDAP Search Parameters will look as follows:

Your LDAP Base DN will look something like:

OU=User Accounts,DC=,DC=,DC=

Step 4: Navigate to the Credentials Tab and select Mapping Credentials Method -> xmlfile

Disable: Search LDAP for Group Name

Create a new RBM Policy URL by clicking on the +. Step through the wizard until you reach Access Profile Mapping.

Your Credential Name will look something like: OU=User,OU=Business Unit,OU=User Account,DC=,DC=,DC=
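As an added example that is not part of the original post: a small Python helper that fills the DN templates above for a concrete domain, escapes the values per RFC 4514, flags any DC= or CN= slot still left empty, and escapes the login name before it is placed in the LDAP search filter. The domain corp.example.com and the sAMAccountName attribute are assumptions, not values from the post.

```python
import re

# RFC 4514: characters that must be escaped when they appear inside an RDN value.
_DN_SPECIALS = ',+"\\<>;'

def escape_rdn_value(value: str) -> str:
    """Escape one RDN attribute value (e.g. a CN or OU name) per RFC 4514."""
    out = "".join("\\" + c if c in _DN_SPECIALS else c for c in value)
    if out.startswith(("#", " ")):   # a leading '#' or space must be escaped
        out = "\\" + out
    if out.endswith(" "):            # so must a trailing space
        out = out[:-1] + "\\ "
    return out

def domain_to_dc(domain: str) -> str:
    """'corp.example.com' -> 'DC=corp,DC=example,DC=com' (fills the DC=,DC=,DC= slots)."""
    labels = [label for label in domain.strip().lower().split(".") if label]
    if not labels:
        raise ValueError("domain name must have at least one label")
    return ",".join("DC=" + escape_rdn_value(label) for label in labels)

def build_dn(rdns, domain: str) -> str:
    """rdns: (attribute, value) pairs, most specific first, e.g. [('OU', 'User Accounts')]."""
    parts = [f"{attr}={escape_rdn_value(val)}" for attr, val in rdns]
    return ",".join(parts + [domain_to_dc(domain)])

# An RDN whose value is empty, e.g. 'DC=' or 'CN=' left over from a template.
_EMPTY_RDN = re.compile(r"(^|,)[A-Za-z]+=(,|$)")

def has_empty_component(dn: str) -> bool:
    """True if the DN still contains an unfilled template slot; such a DN is not usable."""
    return _EMPTY_RDN.search(dn) is not None

def escape_filter_value(value: str) -> str:
    """RFC 4515 escaping for a value placed inside an LDAP search filter, so a
    login name such as '*)(objectClass=*' cannot change the filter's meaning."""
    table = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}
    return "".join(table.get(c, c) for c in value)

def search_filter(username: str, attribute: str = "sAMAccountName") -> str:
    """Filter used to find the user's DN under the Base DN (attribute name is an assumption)."""
    return f"({attribute}={escape_filter_value(username)})"
```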

3 Comments

  1. Thomas Munn says:

    I tried this, didn’t work. My domain was ‘munnster.com’ and not sure if we leave the rest dc=dc=dc=? What would a properly formatted base DN look like? Not spelled out ANYWHERE on the internet!

  2. symgryph says:

    I worked with IBM and have a WordPress blog about the experience. It includes everything.

    Enable LDAP authorization for datapower with microsoft active directory

  3. Muthu says:

    I am trying to configure my XI150 datapower.
    Requirement: I want to use LDAP for authorizing a particular resource, “the back end URL – mobile.wsdl”.

    I am extracting “username” from an SSL certificate subject name, and using an AAA info file to map the username to a “resource”.
    How do I make DP submit the above two values, “username” and “resource”, to an LDAP server, and authorize if both attributes match? I don’t want RBM; only authorization needs to be checked against LDAP.

    Can anyone guide me on how to do this?
