Educause Security Discussion mailing list archives

Active Directory, Sensitive Data, Row Level Security


From: William Custer <custerwl () MUOHIO EDU>
Date: Mon, 11 Dec 2006 14:56:54 -0500

Miami University is evaluating a proposal to expand Active Directory
service widely in support of Exchange e-mail.  Unlike SunOne LDAP,
information on all records in Active Directory appears to be available for
query even when bound to an ordinary (unprivileged) user.  Whereas SunOne
LDAP displays to the ordinary user only the rows associated with that
user, Active Directory displays the rows for all users.

Has anyone configured Active Directory to restrict queries by unprivileged
users to return only the rows associated with that user?
