You can use permissions on the XML file to protect it or create a username and password just for read rights to the active directory.
Yes, it is a pain to get active directory working sometimes. Took me 4 days. But with the help from the good people in here I was able to get it working and understand it a little better. It really is easy as you will see once its setup. At least the basic functions are. Its gets a little harder when you start throwing in searches and such. Since I went through a little trouble I think I can help you get it working. I might not do a step by step article for you but collect.
Determine your host name (domain controller)
The username you are going to use to login to the consol
Your domain name, example company.local
The username that will be used to read your active directory (adminDN)
The password for the AdminDN
Once you get that it should be easy to connect. Once you can connect you can move on to other things to narrow down exactly the way you want it to be configured. Remember this though. Do not use spaces for username or OU’‘s and DC’'s. Example. This will not work, DC=My Users,dc=company,dc=local. It will not except spaces.
When you are ready let me know and I will help you as much as I can.