Apache on 192.168.X.3 OpenLDAP on 192.168.X.2

ldapsearch will do whatever I ask it to do, but searchRequests from Apache will bind anonymously but return noSuchObject for a valid-user.

<Directory "/var/www/private/">
AuthType Basic
AuthName LDAP
AuthBasicProvider ldap
Require valid-user
AuthzLDAPAuthoritative off
AuthLDAPBindDN "uid=authenticate,ou=System,dc=example,dc=com"
AuthLDAPBindPassword "secret"
AuthLDAPURL ldap://192.168.X.2:389/ou=Users,dc=example,dc=com?uid?sub?(objectclass=*)

</Directory>

this should just work!

Can someone please help?

Thanks.