SYMPTOMS
An attempt to execute a StartTLS operation against a properly configured OpenLDAP server fails with an “Operation failed” error.
CAUSE
An ASN.1 encoding bug [1] in the Microsoft LDAP API implementation makes certain LDAP requests incompatible with the OpenLDAP server.
WORKAROUND
A simple working patch for the OpenLDAP server was suggested during a discussion [2] of the issue with the OpenLDAP maintainer. Alternatively, you can download a hot-fix [3] from Microsoft support.
LINKS