I'm using the docker image jenkins/jenkins:2.204.5-jdk11 and have included the AD root CA and issuer certificates in the keystore.

After configuring the plugin to point to 3269 (instead of 3268) I get the following error:

javax.naming.NamingException: LDAP response read timed out, timeout used:-1ms.

Logs seems not to reveal any more details.

Note: the error includes nothing after the dot except from the stack trace; this is different from some of the other similar issues I have seen related to Java version.

Tested:

• Switching the "trust all certs" vs JDK keystore
• Switching the group lookup strategy as suggested here: https://support.cloudbees.com/hc/en-us/articles/214571878-javax-naming-NamingException-LDAP-response-read-timed-out-timeout-used-1ms-in-Active-Directory-plugin-when-using-AUTOMATIC-group-lookup-strategy 
• Tried to point at the same server and port using the LDAP plugin – this is working!

What might be causing this malfunction?