In theory, only root can bind to a port < 1024.
I see only two possibilities, both of them ugly.
First: modify the source of your kernel so that the restriction is removed. This opens a huge security hole.
Second: modify the source of the directory server so that the first three things it does are:
- change the effective UID to root;
- bind a socket to port 389; and
- change the effective UID to ldapsrv
Then make sure the executable is owned by root, and change the protection on the executable so the SUID bit is on.
Hope this helps.