We are currently using LDAP. I plan to install certificates on the specific domain controllers applications are configured to connect to and reconfigure the applications to connect over LDAPS.
What can be done to disallow unencrypted LDAP communication to any domain controller on the domain?