The AD LDAP interface has quite a few "quirks" that make it more difficult to use than it might seem on the surface, and it lags far behind in functionality. When I worked with it, I was mainly involved in authentication, but this is probably the same thing no matter what you do. There is a lot of oddity in that you need to be attached as a specific user just for a simple search, which a regular LDAP server will allow you to do anonymously.
Also, at least a year ago when I was working on this, python-ldap was the only Python LDAP implementation to support anywhere near the full feature set, as it was built on top of OpenLDAP. However, OpenLDAP is pretty hard to build on Windows (and in general), so most builds will lack one or more functions. Although you do not authenticate, the lack of SASL/Kerberos support (which was not available at the time I used it) can make it difficult for you.
If you have something that works, and you just need to run it on Windows, I would really recommend sticking with it; using AD through LDAP can turn into a big project.