Using LDAP over SSL is a good step towards security. Improve security just a little bit more by disabling SSLv2 and forcing your clients to use SSLv3
On each of your domain controllers create the following registry key:
Then create the following DWORD
Finally, reboot the domain controller
To make this even easier you can deploy this registry key though a Group Policy Object linked to the Domain Controllers OU.
More information from Microsoft: How to Restrict the Use of Certain Cryptographic Algorithms and Protocols in Schannel.dll