Yes --- here is my 'cas.properties' configuration.
The ldap connection URL and DNs are correct (validated via ldapsearch from command line).
Do you notice anything else missing?
cas.properties:
cas.server.name:
http://localhost:8080/cas.server.prefix:
http://localhost:8080/edu-cascas.adminPagesSecurity.ip=127\.0\.0\.1
logging.config: file:/etc/cas/config/log4j2.xml
# cas.serviceRegistry.config.location: classpath:/services
# Encrypt Cookies
cas.tgc.secure: true
cas.tgc.crypto.signing.key: snip
cas.tgc.crypto.encryption.key: snip
# Encrypt Spring Workflow
cas.webflow.crypto.signing.key: snip
cas.webflow.crypto.encryption.key: snip
# cas.authn.ldap[0].type= DIRECT
cas.authn.ldap[0].ldapUrl=ldaps://ldap.snip
# cas.authn.ldap[0].connectionStrategy=
cas.authn.ldap[0].useSsl=true
cas.authn.ldap[0].connectTimeout=5000
cas.authn.ldap[0].subtreeSearch=true
# BaseDn used to start the LDAP search looking for accounts
cas.authn.ldap[0].baseDn=ou=PEOPLE,ou=edu
# The search filter to use while looking for accounts.
cas.authn.ldap[0].userFilter=uid={user}
cas.authn.ldap[0].subtreeSearch=true
cas.authn.ldap[0].usePasswordPolicy=false
cas.authn.ldap[0].dnFormat=uid=%s,ou=PEOPLE,ou=edu
cas.authn.ldap[0].principalAttributeId=uid
cas.authn.ldap[0].principalAttributePassword=
cas.authn.ldap[0].allowMultiplePrincipalAttributeValues=true
# Bind credentials used to connect to the LDAP instance
#
cas.authn.ldap[0].bindDn=uid=foo,ou=edu
cas.authn.ldap[0].bindCredential=snip
cas.authn.accept.users: