If you use the MS Active Directory service for user authentication and your MSAD server requires secure connections, depending on how the server is configured you may be seeing a "Can't connect to server" error in the authentication test output. This can occur when your MSAD server is specified with ldaps:// or tls://.


This happens when the OpenLDAP libraries attempt to verify the server name in the certificate chain and can't.


You can configure your Orca Console server to not validate the certificate in this manner by adding a configuration setting to the OpenLDAP configuration.


The libraries utilized by Orca have the pathname to the OpenLDAP configuration file hard coded and it cannot be overridden. 


Edit the file c:\openldap\sysconf\ldap.conf and add the following line:


TLS_REQCERT never


MSAD authentication should begin working without the need to restart any services.


The libraries utilized by Orca have the pathname to the OpenLDAP configuration file hard coded and it cannot be overridden.