I have a couple Web Apps out there that use LDAP to authenticate. They all require a user a user for access to active directory. I'm just wondering what the best practices are for that user? Whats the bare minimum as far as rights that I can give to this user?