Active Directory Integration with Service Users and Certificate

While I am usually not too bad using Linux, I was successful in the past in staying away from Windows and specifically AD. Problem is, the new job decided that we absolutely, positively have to use AD, as provided by our mothership (so no changing there), as our identity provider.

OK, got that running, until it suddenly broke on all of our systems. Since it was unclear to me what was happening, I did involve the AD Team, and they just plainly told me that they changed AD queries to only work with a certificate (LDAPS) and with a service user. And that is where my problem starts. I have no clue and can't find any documentation (maybe I am using the wrong search terms) that describes how to set up AD integration so that it uses a certificate (I have that) and a "service user" (I supposedly have that as well).

Can anybody point me to a writeup on how I can change the config files to do what I need to do?