If you have trouble using TLS on ldap-conjnect: Despite what a lot of people are saying: TLS_REQCERT=never is NEVER the correct answer.
Check out https://andreas.heigl.org/2020/01/31/handle-self-signed-certificates-with-phps-ldap-extension/ for the solution to do it with propper certificate checking!