A server 2025 Domain controller now enforces a LDAP SSL connection. If you are updating and run into an issue with older APPS needed to connect to LDAP with out SSL you can change the Domain Controllers default policy as per below which will allow connections both SLDAP and LDAP
Domain Controller Policy
=Computer Configuration
====Policies
=====Windows Settings
======Security Settings
=======Local Policies
========Security Options
========Domain controller: LDAP server channel binding token requirements: “When Supported”
========Domain controller: LDAP server signing requirements: “None”
========Domain controller: LDAP server Enforce signing requirements: “Disabled”
========Network security: LDAP client encryption requirements: “Negotiate Sealing”
========Network security: LDAP client signing requirements: “Negotiate Signing”
Then on the Domain controller run gpupdate /force from an elevated command prompt