After configuring LDAP to use SSL in realms.xml, user is getting a simple bind error while logging in to Workstation/Webview.
A simple bind error is usually due to
1) TLS version
2) Ciphersuites used
3) Username/password issues
4) bind account issues
5) Certificate issues.
Login is slow whether LDAP or LDAPS. Nested group search is off.
APM 10.7, Active Directory
The following resolved the issue:
1) Use the default 10.7 keystore and add root/intermediate certificates. This eliminated the simple bind error.
2) Add the root/intermediate certificate to the Java keystore. This allowed successful authentication.
3) To have faster logins, point directly to the Active Directory Domain Controller. This is port 6328 (LDAP) or 6329 (LDAPS). Login went from 15 minutes to a few seconds.