Dave,
It sounds like you are almost there. In general, if the Fortigate doesn' t allow you to delete an option, it means that it' s referenced somewhere else in the config. If you tried to delete the LDAP server from the LDAP menu, it would be grayed out because you' ve referenced it in the Single Sign-On section.
You have to keep going back until you reach the original reference to the object. In your case, I' m guessing it could be tied to an FSSO User group.
If you haven' t already downloaded it, you might want to look at the Fortinet cookbook:
http://docs.fortinet.com/d/fortigate-the-fortigate-cookbook-5.0.5
Page 267 has a section called, " Providing Single Sign-On for a Windows AD Network with Fortigate."
That should give you the general procedure and help with the troubleshooting.
And, you' re right. You don' t need the LDAP server referenced in the Single Sign-On page. That' s just for organizations that have an LDAP server separate from their AD server.
Bill
==========
Fortigate 600C 5.0.12, 111C 5.0.2
Logstash 1.4.1