User disabled LDAP sync temporarily to allow us to change the email address and password for a local Rally account used for the ALM connector.
In the process of making this change we logged into Rally with the same user from the LDAP sync configuration screen, Rally then forced us to change the password for that user.
After these changes we turned LDAP sync back on and manually re-entered all of the LDAP settings along with the new password for the rally account.
The test connection button confirmed that the bind was successful.
After that, new users have not been appearing in Rally after they are added to the Rally group in LDAP, we have verified that the password is correct and restarted with LDAP sync several times. The following error appeared in the LDAP sync log -

Running LDAP Sync process...
I, [2019-11-05T20:00:33.549834 #28745] INFO -- : Nov 05 2019 20:00:33 ***************************************
I, [2019-11-05T20:00:33.549930 #28745] INFO -- : Nov 05 2019 20:00:33 Rally-LDAP connector version 1.3 started
E, [2019-11-05T20:00:33.616139 #28745] ERROR -- : Nov 05 2019 20:00:33 ERROR: Could not connect to Rally
E, [2019-11-05T20:00:33.616257 #28745] ERROR -- : Nov 05 2019 20:00:33 ERROR: Error returned was: undefined method `split' for nil:NilClass
I, [2019-11-05T20:00:33.616309 #28745] INFO -- : Nov 05 2019 20:00:33 *********Completed Run**************
I, [2019-11-05T20:00:33.616353 #28745] INFO -- : Nov 05 2019 20:00:33
LDAP Sync finished

Release:

Component:

The config.xml file in the /opt/RallyOnPrem/lib/ldapConnector directory had an owner/group of root / root instead of apache / apache.    Changed the owner and group of the config.xml file to apache / apache and made a change in the LDAP settings screen so the services would restart.  This cleared up the issue.  *****(The change will need to be done after working hours as restarting the services will cause some downtime.)