LDAP auth without SASL

I've got a newly configured Foreman 1.13 instance running on CentOS7. I'm
able to run ldapsearch from the VM without issues so long as I use the -x
flag to disable SASL. I am unable to auth through with Foreman using the
same settings, which leads me to the conclusion that it's using SASL by
default.

Is there an option to disable SASL in a config file (as it isn't in the web
GUI), or a reasonable workaround?

Anonymized config is included.