The next step before configuring Directory Services on the FlashArray is to create a User that is used to perform directory lookups, not tied to any actual user.
Typically speaking, the bind user will be low-level account in AD, and not tied to any actual user. Purity does not require any extra permissions for the Bind user and a non-privileged account with the default users will do for our requirements. However, if you use permissions / ACL's within your provider then the Bind user will require elevated permissions.
The password policy for the LDAP reader account should be set to never expire, and change should not be allowed. If the password were to expire or change, Windows users who would normally be able to authenticate with the FlashArray will lose access to the FlashArray using Directory Services. If the password were to change for the LDAP Reader account, the password would need to be set back to the way it was in AD, or updated in the Directory Service configuration to match the new password in AD.
The following images indicate how an User called purebinduser was created, as an example: