When the LDAP channel binding requirement is enabled in Active Directory, SASL mechanisms other than GSS/Kerberos must also supply channel binding data.

SASL digest-md5 authentication over a SSL/TLS connection fails with the same 

LDAP: error code 49 - 80090346: LdapErr: DSID-0C09058A, comment: AcceptSecurityContext error, data 80090346, v4563

error that you get with GSS/Kerberos connections.