You may run into the following issue when configuring Active Directory Authentication that is available since IdSuite 14.1.
When you set the BASEDN to the root of the AD domain (like DC=lab,DC=local) AD will respond to searches with referrals that are not handled correctly by the current version of the Authentication Module. As a result a login with correct credentials will return “Error: AD Internal Error:Check AD”.
As a workaround, you can configure the SERVERS property to point to the catalog by adding the port (SERVERS=adserver:3268 or adserver:3269 if you use SSL ).
Another possibility is to add a container to the BASEDN like “CN=Users,DC=lab,DC=local”, if all your users are in this OU. Another thing to note is the location of the trusted keystore. The path used is %JAVA_HOME%\jre\lib\security\cacerts
Hope this may save time until this issue is fixed in a future version.
Regards,
Dirk