Security


Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).

clearpass and ldap server settings help

  • 1.  clearpass and ldap server settings help

    Posted May 28, 2019 02:24 PM

    Under Administration -> Operator Logins -> Servers 

    I have put in all the LDAP server information but I get the following error:

     

    Authentication failed (username unknown)


    I have also verified I can connect with the username and password. I tested this by using ldp on the domain controller and I was able to bind and search.

     

    I have tried various different settings but I can't get it to work.

    Attached is a screenshot of my settings.


    Also,

    The documentation for this is wrong. 

    It says

     

    "Bind DN

    The password to use when binding to the LDAP server. For an anonymous bind, leave this field empty."

     

    The bind DN is not the password!

     

    Any suggestions?

     

    https://www.arubanetworks.com/techdocs/ClearPass/CPGuest_UG_HTML_6.5/Default.htm#OperatorLogins/CreatingLDAPServer.htm#kanchor549



  • 2.  RE: clearpass and ldap server settings help

    EMPLOYEE
    Posted May 28, 2019 02:34 PM

    This is what I have:

     

    BindDN cn=domainuser,cn=users,dc=domain,dc=com

     

    BaseDN dc=domain,dc=com

     

     



  • 3.  RE: clearpass and ldap server settings help

    Posted May 28, 2019 02:45 PM

    I do not have a BaseDN in ClearPass 6.7.



  • 4.  RE: clearpass and ldap server settings help

    EMPLOYEE
    Posted May 28, 2019 02:57 PM

    Are you editing the authentication source?



  • 5.  RE: clearpass and ldap server settings help

    EMPLOYEE
    Posted May 28, 2019 03:19 PM

    You are correct that the doc has an error.  The UI hint is correct but the guide has a missed copy-paste from the password field.

     

    Base DN is there for the POSIX compliant option.  AD just has the username and password.  There are varying formats for username so make sure you are entering the one your system wants.

     

    What scheme are you using?  ldap3s:///?



  • 6.  RE: clearpass and ldap server settings help
    Best Answer

    Posted Jun 05, 2019 02:46 PM

    Here are the settings that made it work finally. 

     

    It does not work without the bind dn empty. They should really clarify what is needed for this in the docs. Literally every application wants different settings. Also important was specifying dc=mydomain,dc=local in the server URL. Hope this helps someone else.


    clearpass-ldap-server-settings.PNG