Here are my configs. It does work, in either this format or with %s. This allows me to choose any domain name, which is not too desirable, but at least it works. I fail to understand what I should put in the 'domains' OU in Active Directory. Do I put in specific OUs? Do I place the users in the OUs? (i.e. ou=Domains\ou=domain.ca\%users%). Your help is appreciated and thanks!
Dovecot
hosts = ad.domain.lan:389
ldap_version = 3
auth_bind = yes
dn = vmail
dnpass = Password
base = ou=DomainUsers,dc=domain,dc=lan
scope = subtree
deref = never
user_filter = (&(userPrincipalName=%n@domain.lan)(objectClass=person)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))
pass_filter = (&(userPrincipalName=%n@domain.lan)(objectClass=person)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))
pass_attrs = userPassword=password
default_pass_scheme = CRYPT
user_attrs = =home=/var/vmail/vmail1/%Ld/%Ln/Maildir/,=mail=maildir:/var/vmail/vmail1/%Ld/%Ln/Maildir/
Postfix
server_host = ad.domain.lan
server_port = 389
version = 3
bind = yes
start_tls = no
bind_dn = vmail
bind_pw = Password
search_base = ou=DomainUsers,dc=domain,dc=lan
scope = sub
query_filter = (&(userPrincipalName=%u@domain.lan)(objectClass=person)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))
result_attribute = userPrincipalName
debuglevel = 0