You shouldn't require a password to search the ldap, otherwise how would anyone log in?
You can limit the extent of the tree that is accessible anonymously to just the users.
You should get your hands on an ldap browser... it's much handier than commandline access, and seeing the ldap database visually really helps your understanding of the structure.
JXplorer is pretty good. Do
apt-cache search jxplorer to see if it's un the Ubuntu repos.