This article provides workaround steps for an LDAP Server to work with NSX-T Data Center 3.0.0

• On fresh install of NSX-T Data Center 3.0.0, under Identity Firewall AD, an LDAP server cannot be added when LDAPS protocol is selected
• On upgrade to NSX-T Data Center 3.0.0, the configured sync fails to the AD server.  

This issue is resolved in VMware NSX-T Data Center 3.0.1, available at Broadcom downloads.
If you are having difficulty finding and downloading software, please review the Download Broadcom products and software KB.

Workaround:

• For fresh install, when adding a Identity Firewall AD, use LDAP protocol when adding a LDAP server.
• For upgrade to NSX-T Data Center 3.0.0, edit LDAP details to use LDAP protocol instead of LDAPS protocol.