I am trying to enable ad secrets engine over ldaps and running into an error . I am using pem encoded root certificate for the secure authentication.
LDAP Result Code 53 “Unwilling To Perform”: 0000001F: SvcErr: DSID-031A1254, problem 5003 (WILL_NOT_PERFORM), data 0
I don’t see any debug information anywhere to further troubleshoot this issue. I see in the vault docs that this error was mentioned with insecure ldap can cause this issue. I am using ldaps protocol with valid certs. ( ldap authentication plugin also works over ldaps successfully)
Tried almost all possible combinations. tried with a password_policy incase AD is rejecting the password changes over password_policy. However its working when I use ldap.
It would be great help if someone can she some light on to this issue.
Vault version: 1.6.0