AD Integration - read only?

While going through the initial setup of Openfire, the Profile Settingsd has the three options.

For AD: “Users and groups are stored in the directory and treated as read-only”

What exactly does this mean? Will Openfire be doing updates to LDAP/AD schema/DNs? It seems the wording of this is weird.

I want to ensure that if i hook this up to AD that it isn’t making changes… granted, if it’s doing a bind as the client user then that’s probably safe.

I believe I found the answer in another forum post… it’s completely read-only.