Just turned on LDAPS and enforced it on our DCs. Playing with the veyon settings I have found that the following still works LDAP server and port: DC works but Domain Name doesn't so have specified a DC. Port 389 works however 636 does not Encryption protocol: TLS TLS certificate verification: Custom Custom CA certificate file: Exported CA cert in CER format, changed extension to PEM and plonked onto a share Hope this helps somebody