When using passphrases (Upper/lower case, special characters including blanks) on the mainframe.
Security system is TSS 16.0

LDAPTEST Job using a passphrase containing blanks ends with RC=2048 which is the same when password is incorrect.

Documentation says that LDAP should work with TSS settings.

Release : 16.0

Component : CA LDAP Server

Using the BPXBATCH utility and there is a way to accomplish passing a space for passphrase by modifying the syntax of the JCL.

There are 3 things that will need to change:

1. Change the JCL to use STDPARM instead of the PARM field.
2. In the STDPARM, specify SH instead of PGM
3. Create a shell script in USS to invoke the ldapsearch utility. 

For example reference the below JCL

//LDAPTST JOB (XXXXXX),'LDAP TEST',                  
//         CLASS=A,MSGCLASS=X,MSGLEVEL=(1,1),REGION=0M, 
//         NOTIFY=&SYSUID                               
//*                                                     
//LDAPTST EXEC PGM=BPXBATCH                             
//STDERR   DD SYSOUT=*                                  
//STDOUT   DD SYSOUT=*                                  
//STDPARM DD *                                          
SH /u/caldap/ldptst.sh                         
-u USER01                                              
-w "This is a long phrase with space"                   
-h HOSTNAME                             
-p 389                                                  
-f /u/caldap/IVP.log                     
/*                                                      

And for the ldptst.sh script, you will need to have the following:

export LIBPATH=/u/caldap/:$LIBPATH
./ldaptest "$@"