As Microsoft, I believe, will be restricting AD to SSL, I imagine there will be other questions, but I could only find one from a few years ago. I’m able to make a connection to 389 with no issues and have used the certificate on other software, so it should also be working.
As per the previous post, I set the BASE, URI and TLS_CACERT in /etc/openldap/ldap.conf.
Below is an example of the auth.php I’m trying, but in no case can I get it to bind to LDAP as soon as I switch to ldaps and 636 (which is working elsewhere). This is on CentOS 7.
define('AUTH_HOST', 'ldaps://test-server.net');
define('AUTH_PORT', 636);
define('AUTH_DN', 'DC=test,DC=net');
define('AUTH_DOMAIN', 'AD');
define('AUTH_BIND_DN', 'CN=bld-user,OU=Generic,OU=ServiceAccounts,OU=Accounts,DC=Test,DC=net');
define('AUTH_BIND_PASSWORD', 'example');
define('AUTH_CREATE_ACCOUNT', false);
define('AUTH_FALLBACK', true);
define('AUTH_MEMBERSHIP', '');