• Attempting to create or modify an Identity Source fails. 
• An error message similar to below is seen:

Failed to probe provider connectivity [URI: ldaps://###.###.###.###:PORT]; tenantName [vmc.local], userName [####] Caused by: Can't contact LDAP server

VMC on AWS

• A DNS server(s) has not been configured for the Management Gateway in the SDDC. 
• The configured DNS server(s) is unable to resolve the address being used for the Identity Source. 

• Configure a DNS server for the Management Gateway to enable the management appliances in the Management Zone to resolve FQDNs. 
• Verify the configured DNS server is receiving DNS requests and properly resolving the necessary FQDNs. 

Note: When configuring DNS servers for either the Management and Compute Gateways, public addresses or private addresses can be used. However, both a public and private address cannot be configured simultaneously for a gateway. 

• VMware Cloud on AWS: Configure DNS Services
• Add or Modify Management Gateway Firewall Rules