I have installed Splunk on a Windows 2012 server. I am able to configure unsecured LDAP to a Windows domain controller, but as soon as I enable LDAP over SSL and change the port, I receive the error in Splunk Web:
Encountered the following error while trying to update: In handler 'LDAP-auth': strategy="MyLDAPStrategy" Error binding to LDAP. reason="Can't contact LDAP server"
Additionally, in SPLUNKD.log I see the following limited info:
07-15-2013 11:02:33.221 -0500 ERROR ScopedLDAPConnection - strategy="MyLDAPStrategy" Error binding to LDAP. reason="Can't contact LDAP server"
07-15-2013 11:02:33.221 -0500 ERROR AdminHandler:AuthenticationHandler - strategy="MyLDAPStrategy" Error binding to LDAP. reason="Can't contact LDAP server"
I have reviewed the instructions listed here, including placing the root CA cert of the LDAP server certificate in $SPLUNK_HOME/etc/openldap/certs/ and then modifying the ldap.conf file accordingly. I have confirmed basic connectivity on the LDAPS port (636) of the domain controller using telnet client from the Splunk server.
Could anyone provide some additional insight or ideas into what I might be missing? Help will be greatly appreciated.