You might need to set up and configure the back-end directory for making LDAP Proxy functional. LDAP Proxy supports the following directories:
NetIQ eDirectory
Active Directory
NOTE:Communication with the Active Directory server over SSL might fail if the CRL information from the CA is not anonymously accessible. To access the CRL information, install the IIS Web server and then publish the CRLs from the CA. You can then configure the CA to mint the certificates to the AD server with this URL.You must remove any LDAP URLs available in the CRL Distribution Point to access the CRL information anonymously.
If there are multiple domain controllers in the Active Directory forest, ensure that each domain controller is added as a back-end server during LDAP Proxy configuration.