While trying to register a new ldap service in PAM it errors at the last step. The error is not descriptive.
We have the ldap device defined and the ldap bind service account and password verifies correctly.
We have confirmed the SSL ports are open and the correct certificates are displayed.
Release : 4.1
In this case the user was defined properly except there was a typo in the Distinguished Name defined in the Active Directory tab in the Target Account
Correcting the Distinguished Name in the Target Account resolved this issue.