"Can't contact LDAP server (-1)" error for LDAPS to Server 2012

ssl active-directory windows-server-2012 ldap windows-server-2012-r2

Solution 1:

This problem can occur because the TLS 1.2 implementation in Windows 2012 is incompatible with some versions of Linux libraries like gnutls.

If this is your problem, disabling TLS 1.2 will restore functionality. The following options may be available to you:

In Linux CLI (may need to escape the exclamation point, found here):

export LDAPTLS_CIPHER_SUITE=NORMAL:!VERS-TLS1.2

In PHP on Linux (found here and here):

putenv(‘LDAPTLS_CIPHER_SUITE=NORMAL:!VERS-TLS1.2’);

On Windows Server 2012, I can't find concise instructions, but these are the registry entries. Directly editing the registry can be dangerous so use with caution.

Related

NS list does not match list from parent zone
Deploying distributed apps with Puppet - advice?
Proxmox - single public ip with multiple vms, openvz containers work, kvm's don't have a route
Centos: multiple IP addresses
Is minimum latency fixed by the speed of light? [closed]
Postfix acting like an open relay for domain mailboxes
ProFTPd server behind firewall returns internal IP address for WAN and LAN connections
Accidentally deleted symlink libc.so.6 in CentOS 6.4. How to get sudo privilege to re-create it?
One linux server, one network, two gateway - can server handle connections coming from both gateways?
How can I change memory resources from within the DomU?
How can I prevent users from seeing my PHP source code?
Postfix "header_checks" is insane for me to accomplish [duplicate]