To talk to AD servers, PHP installs need to use OpenLDAP. For the OpenLDAP server to maintain a trust level with the Active Directory server, we need to reference the AD's certificate file in the ldap.conf file on the server that will run the PHP application.
1) Obtain a certificate file from the AD server (preferably in PEM format), and copy it to the /etc/openldap/certs/ folder.
2) Modify your ldap.conf file so that it reads:
Once you've referenced the PEM file in ldap.conf, the service should begin communicating with the AD automatically. If not, restart your service as root:
root@server:] service slapd restart
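The two steps above can be checked with a short script. This is an added example, not part of the original page: it assumes the certificate is referenced with the standard OpenLDAP client options TLS_CACERT and TLS_REQCERT (the page's own ldap.conf lines are not shown), and the function name, file names and sample files are constructed for the demonstration.

```shell
#!/bin/sh
# Audit an OpenLDAP client config (ldap.conf) for the CA trust set up above.
# Returns 0 when every check passes, 1 otherwise; findings go to stdout.
check_ldap_tls() {
    conf=$1
    rc=0
    [ -r "$conf" ] || { echo "FAIL: cannot read $conf"; return 1; }

    # Every TLS_CACERT line must name a readable PEM file ('#' comment lines are skipped).
    cas=$(awk 'toupper($1) == "TLS_CACERT" { print $2 }' "$conf")
    if [ -z "$cas" ]; then
        echo "FAIL: no TLS_CACERT directive in $conf"; rc=1
    fi
    for ca in $cas; do
        if [ ! -r "$ca" ]; then
            echo "FAIL: CA file $ca is missing or unreadable"; rc=1
        elif ! grep -q -e '-----BEGIN CERTIFICATE-----' "$ca"; then
            echo "FAIL: $ca is not PEM encoded (DER export?)"; rc=1
        fi
    done

    # 'never' and 'allow' let the session proceed with an unverified server certificate.
    weak=$(awk 'toupper($1) == "TLS_REQCERT" && tolower($2) ~ /^(never|allow)$/ { print tolower($2); exit }' "$conf")
    if [ -n "$weak" ]; then
        echo "FAIL: TLS_REQCERT is set to '$weak'; use 'demand'"; rc=1
    fi

    if [ "$rc" -eq 0 ]; then echo "OK: $conf"; fi
    return "$rc"
}

# Constructed sample input: a placeholder PEM and two configs (not real data).
demo=$(mktemp -d)
trap 'rm -rf "$demo"' EXIT
printf '%s\n' '-----BEGIN CERTIFICATE-----' 'Q09OU1RSVUNURUQ=' \
    '-----END CERTIFICATE-----' > "$demo/ad-ca.pem"
printf 'TLS_CACERT %s\nTLS_REQCERT demand\n' "$demo/ad-ca.pem" > "$demo/good.conf"
printf '# TLS_CACERT %s\nTLS_REQCERT never\n' "$demo/ad-ca.pem" > "$demo/weak.conf"

check_ldap_tls "$demo/good.conf" || true
check_ldap_tls "$demo/weak.conf" || true
```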