When using a directory server for authorization control for destinations, a structure must be built on the directory server - see [1]. Unfortunately, Active Directory will not allow you to create the cn=admin, cn=read, and cn=write nodes under each of the Queue, Topic and Temp nodes.

Active Directory has a uniqueness requirement for object names that precludes building the needed structure.

Also, I have confirmed with QE that Authorization against Active Directory has never been tested.

[1] https://access.redhat.com/documentation/en-us/red_hat_jboss_a-mq/6.3/html-single/security_guide/#LDAP-AddAuthzEntries