This is not something that is available as a security restriction from VMware products.
As you are trying to secure Active Directory, you need to implement this security at the AD level.
The following link gives you information on 'List Mode' that will help you secure and delegate permissions to prevent these searches.
http://technet.microsoft.com/en-us/library/cc535160.aspx
I highly recommend you test this in an isolated environment first before implementing in production.