We just deployed new Server 2019 domain controllers to replace our old Server 2012 DCs, and LDAP authentication quit working. We are seeing this error in the logs:
validuser: do_ldap_check: Couldn't start tls: 52, Server is unavailable
We are using StartTLS as the LDAP protocol, and if I point the LDAP config back to the old DC, everything works. It also works if I set the protocol to unencrypted.
Any thoughts/ideas/suggestions would be appreciated.
It could be worth running a TCP Dump on the loadmaster and seeing what occurs in the communication between the loadmaster and your new DCs.
You can find instructions on how to perform a TCP Dump/capture in our article below:
Please note that on later versions of firmware, you will find the TCP Dump tool under System Configuration > Troubleshooting.
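An added example, not part of the original thread or the vendor's tooling: the LDAP StartTLS request and the server's answer travel in cleartext before any TLS handshake, so they can be decoded straight from the captured TCP payload. The sketch below parses the RFC 4511 ExtendedRequest/ExtendedResponse and reports the result code and diagnostic message; it assumes the 52 in the log is the LDAP result code returned by the DC, and the sample payloads and function names are constructed for illustration.

```python
# Added example: decode LDAP StartTLS messages (RFC 4511) from raw TCP payload bytes.
START_TLS_OID = b"1.3.6.1.4.1.1466.20037"
RESULT_NAMES = {0: "success", 1: "operationsError", 2: "protocolError", 52: "unavailable", 80: "other"}

def read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the BER element starting at pos."""
    tag = buf[pos]
    length = buf[pos + 1]
    pos += 2
    if length & 0x80:                      # long form: low 7 bits = number of length octets
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("truncated BER element")
    return tag, buf[pos:pos + length], pos + length

def tlv(tag, value):
    """Encode one BER element (short-form length only; enough for the samples)."""
    if len(value) >= 128:
        raise ValueError("value too long for short-form length")
    return bytes([tag, len(value)]) + value

def decode_starttls(payload):
    """Classify one LDAPMessage as a StartTLS request or an ExtendedResponse."""
    tag, msg, _ = read_tlv(payload, 0)
    if tag != 0x30:
        raise ValueError("not an LDAPMessage SEQUENCE")
    _, msg_id, pos = read_tlv(msg, 0)      # messageID INTEGER
    op_tag, op, _ = read_tlv(msg, pos)     # protocolOp
    out = {"message_id": int.from_bytes(msg_id, "big"), "kind": "other"}
    if op_tag == 0x77:                     # [APPLICATION 23] ExtendedRequest
        _, oid, _ = read_tlv(op, 0)        # requestName [0]
        out.update(kind="request", starttls=(oid == START_TLS_OID))
    elif op_tag == 0x78:                   # [APPLICATION 24] ExtendedResponse
        _, code, p = read_tlv(op, 0)       # resultCode ENUMERATED
        _, _, p = read_tlv(op, p)          # matchedDN (ignored)
        _, diag, _ = read_tlv(op, p)       # diagnosticMessage
        code = int.from_bytes(code, "big")
        out.update(kind="response", code=code,
                   name=RESULT_NAMES.get(code, "unknown"),
                   diagnostic=diag.decode("utf-8", "replace"))
    return out

# Constructed sample payloads (not taken from a real capture).
SAMPLE_REQUEST = tlv(0x30, tlv(0x02, b"\x01") + tlv(0x77, tlv(0x80, START_TLS_OID)))
SAMPLE_REFUSAL = tlv(0x30, tlv(0x02, b"\x01") + tlv(0x78,
    tlv(0x0A, b"\x34") + tlv(0x04, b"") + tlv(0x04, b"constructed diagnostic text")))
```

A response with a non-zero code means the DC declined StartTLS at the LDAP layer; a code of 0 followed by a failed handshake points at the TLS negotiation instead.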