So it gets strange. In 4.7.3, ID Apps seem like they are moving AWAY from the NMAS SAML method, and using an LDAP control in eDir 9.x where there is a LDAP Proxy as User control. I.e. I geoffc, can bind to LDAP as 'admin'. (Actually I think, Admin (ID APps process) can bind to eDir over LDAP as geoffc, without knowing geoffc's password)
However the Auto tweek is not really a tweek it is about knowing how it works.