LDAP binding failing with Verified account

Article ID: 393561


Products

CA Privileged Access Manager (PAM)

Issue/Introduction

Setting up LDAP authentication in CA PAM (Configuration --> 3rd Party --> LDAP) with a verified AD account fails with a message about Failing to Bind.

While the verification runs, catalina.out shows numerous error 49 entries at INFO level; these usually indicate a failure establishing the context or an incorrect username or password.

In this case, per the Tomcat log, the user is unable to log in using the DN, but is finally able to log in via User Principal Name, so the account gets verified in Credential Management.

Cause

This may be caused by a malformed CN defined in PAM for that user, in the Target Account Configuration.

Target account verification tries the CN first, and then the User Principal Name. If the latter is correct, the account will verify, even if it cannot log in using the other methods (such as DN).

However, when the LDAP connection is configured to retrieve users or groups from LDAP, the binding takes place solely by DN. An incorrect or malformed DN therefore prevents the binding, and the error described above occurs.

Resolution

Check the DN of the target account you are using to bind to Active Directory and correct it if appropriate.
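
One way to pre-check the DN before retrying the bind, as an added example that is not part of the original article or of CA PAM: a syntax-only check against the RFC 4514 string form that flags the usual malformations (an unescaped comma in the CN, stray spaces, a UPN pasted where a DN is expected). The function names and sample values are assumptions made for illustration; the check does not confirm that the DN exists in the directory.

```python
import re

# RFC 4514 attribute type: a short name or a dotted numeric OID.
ATTR_TYPE = re.compile(r"^(?:[A-Za-z][A-Za-z0-9-]*|\d+(?:\.\d+)+)$")
# Must be backslash-escaped in a value ('+' omitted: it joins multi-valued RDNs).
SPECIAL = set('";<>')

def split_unescaped(text, sep=","):
    """Split on sep, skipping separators that follow a backslash escape."""
    parts, current, i = [], "", 0
    while i < len(text):
        if text[i] == "\\" and i + 1 < len(text):
            current += text[i:i + 2]   # keep the escaped pair intact
            i += 2
            continue
        if text[i] == sep:
            parts.append(current)
            current = ""
        else:
            current += text[i]
        i += 1
    return parts + [current]

def check_dn(dn):
    """Return the problems found in a bind DN; an empty list means well-formed."""
    if "=" not in dn:
        kind = "a User Principal Name" if "@" in dn else "not a DN"
        return [f"value is {kind}; the LDAP configuration binds by DN only"]
    problems = []
    for rdn in split_unescaped(dn):
        attr, eq, value = rdn.partition("=")
        if not eq or not ATTR_TYPE.match(attr.strip()):
            problems.append(f"{rdn!r}: no valid attribute type (unescaped comma?)")
            continue
        if not value:
            problems.append(f"{rdn!r}: empty value")
        elif value[0] == " " or (value.endswith(" ") and not value.endswith("\\ ")):
            problems.append(f"{rdn!r}: unescaped leading/trailing space")
        if SPECIAL & set(re.sub(r"\\.", "", value)):
            problems.append(f"{rdn!r}: unescaped special character")
    return problems

if __name__ == "__main__":
    # Constructed sample values, not taken from any real directory.
    for sample in ("CN=svc_pam,OU=Service Accounts,DC=corp,DC=example",
                   "CN=Smith, John,OU=Users,DC=corp,DC=example",
                   "svc_pam@corp.example"):
        print(sample, "->", check_dn(sample) or "OK")
```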