Using servers: ldaps://10.0.0.4
Does your AD server have an SSL certificate installed? If so, does your web server trust the AD server's certificate authority? If it is the former, you'll need to use clear instead of ssl (not recommended), or you'll have to install an SSL certificate. If it is the latter, you'll need to configure OpenLDAP client and OpenSSL on your web server to trust the Certificate Authority.
Where you place certificates for CA trusts varies from distro to distro, but in RHEL 4 it is /usr/share/ssl/certs. In RHEL 5 it is /etc/pki/tls/certs. You'll need to edit /etc/openldap/ldap.conf and put something like the following in (if you have RHEL4):
TLS_CACERTDIR /usr/share/ssl/certs TLS_CACERT /usr/share/ssl/certs/specificCACert.pem
You can also try the following if you are having problems (this can allow MITM attacks):
TLS_REQCERT never
If you want to check to see if your AD server is using SSL, you can do the following:
openssl s_client -connect 10.0.0.4:636
It should connect and return a bunch of information, including the public SSL certificate of the AD server in PEM (ascii) format.
If you need further help after checking the above, please also post your configuration with sensitive stuff snipped out.
V/r,
Ryan Lane