Agreed. That’s the reason why I implemented the freeipa connection. I wanted to show that it’s doable and that xwiki, freeipa and all the java stuff in between is capable, which I hoped for, but were not sure. With ldap you never know 
.
I wanted to reassure @foobar798, that he will not hit a dead end ultimately.
And I shared the complete necessary config to get it going.
Unfortunately the two things that are the hardest to get right (binddn and bindpassword) are the ones that you can’t help with. And the error we see here is exactly related to these two.
According to this thread the solution may have been to throw all the special characters out of the password, but we just don’t know.
This is the absolute worst case because everything looks correct, yet some encoding hiccups will cause your info to be rejected.