I see the below error in Access Tracker while doing a policy simulation on the AD server:
"Session failed for Host=servername.domainname.com, Reason=[bind,(error=-1) Can't contact LDAP server] error"
What would prevent this from successful authentication? It is joined to the domain and we are able to pull up the bind DN tree in the authentication source.
This error is expected if we have added AD as an authentication source with the configuration below.
If the Connection Security is selected as "AD over SSL", it is mandatory to add the CA cert of the AD/LDAP server to the certificate trust list.
Navigate to "Administration » Certificates » Trust List".
Click on "Add Certificate" and upload the CA cert of the AD/LDAP.
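
To confirm from an admin workstation that the CA file you are about to upload is the one that signed the AD/LDAPS certificate, the following added example (not part of the original answer and not vendor code) classifies `openssl s_client` output. The function names, the CA file name and the sample outputs are assumptions made for illustration, and the `openssl` CLI is assumed to be installed.

```shell
#!/usr/bin/env bash
# Added example (not vendor code): does an AD/LDAPS listener's certificate
# chain validate against the CA file you plan to upload to the Trust List?

# Classify `openssl s_client` output read from stdin.
# Prints: trusted | untrusted:<openssl verify code> | no-handshake
classify_s_client() {
    local out code
    out=$(cat)
    # No server certificate was presented: TLS never completed.
    if printf '%s\n' "$out" | grep -q 'no peer certificate available'; then
        echo "no-handshake"; return 0
    fi
    # s_client reports "Verify return code: N (reason)"; 0 means the chain validated.
    code=$(printf '%s\n' "$out" |
        sed -n 's/^ *Verify return code: \([0-9][0-9]*\).*/\1/p' | head -n 1)
    if [ -z "$code" ]; then
        echo "no-handshake"
    elif [ "$code" -eq 0 ]; then
        echo "trusted"
    else
        echo "untrusted:$code"
    fi
}

# check_ldaps HOST CAFILE [PORT]: live check against the LDAPS port (default 636).
check_ldaps() {
    local host="$1" cafile="$2" port="${3:-636}"
    openssl s_client -connect "${host}:${port}" -CAfile "$cafile" \
        </dev/null 2>&1 | classify_s_client
}

# Constructed s_client excerpts (not captured from a real server).
SAMPLE_TRUSTED='CONNECTED(00000003)
    Verify return code: 0 (ok)'
SAMPLE_UNTRUSTED='CONNECTED(00000003)
verify error:num=20:unable to get local issuer certificate
    Verify return code: 20 (unable to get local issuer certificate)'
SAMPLE_DOWN='connect:errno=111'

printf 'CA present:  %s\n' "$(printf '%s\n' "$SAMPLE_TRUSTED" | classify_s_client)"
printf 'CA missing:  %s\n' "$(printf '%s\n' "$SAMPLE_UNTRUSTED" | classify_s_client)"
printf 'unreachable: %s\n' "$(printf '%s\n' "$SAMPLE_DOWN" | classify_s_client)"
```

For a live check, run `check_ldaps servername.domainname.com ad-ca.pem`, where `ad-ca.pem` is a placeholder for your exported CA certificate. A result of `untrusted:20` or `untrusted:21` means that file does not complete the server's chain, so uploading it to the Trust List would not establish trust for the LDAPS certificate.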