After replacing the existing "host" and "RootCAData" values in the management cluster secrets (pinniped-addon and pinniped-package) with an LDAP hostname that contains uppercase letters, the LDAPIdentityProvider goes into the ERROR state with the error below, and the Pinniped package also fails to reconcile:
- lastTransitionTime: "2024-06-06T09:36:13Z"
  message: 'could not successfully connect to "XYZ.local:636" and
    bind as user "CN="xxx",OU="xxx",OU=xxx,DC=xxx,DC=xxx,DC=xxx,DC=xxx":
    error dialing host "XYZ.local:636": LDAP Result Code 200
    "Network Error": host "XYZ.local" is not a valid hostname or IP address'
Use the lowercase FQDN for "host" in the management cluster secrets (pinniped-addon and pinniped-package). Pinniped rejects the uppercase name before it even opens the connection (LDAP Result Code 200 is a client-side network error, not a reply from the LDAP server), so no server-side change is needed. With the lowercase value the LDAP connection succeeds, as in the status below; then verify that the Pinniped PackageInstall (pkgi) reconciles back to the "HEALTHY" state.
- lastTransitionTime: "2024-06-06T09:44:45Z"
  message: successfully able to connect to "xyz.local:636" and bind as user "CN="xxx",OU="xxx",OU=xxx,DC=xxx,DC=xxx,DC=xxx,DC=xxx"
    [validated with Secret "upstream-ldap-idp-bind-credentials" at version "181347987"]
  observedGeneration: 1
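The following script is an added example for this article; it is not TKG, Pinniped or VMware code. It checks an LDAP "host" value before it is written into the pinniped-addon or pinniped-package secret, reports the same failure mode as the error above (uppercase letters in the FQDN), and rewrites the "host:" line of a values file to the lowercase form. It assumes the hostname rule is the DNS-1123 subdomain rule that Kubernetes applies to object names (lowercase alphanumerics, "-" and ".", labels of 1 to 63 characters, at most 253 in total); that assumption is consistent with the error shown but is not taken from Pinniped's source. The values layout in SAMPLE_VALUES is constructed for illustration, and the kubectl command in the comments assumes the addon secret stores its values under the key values.yaml in the tkg-system namespace; check the real key names in your secret before applying anything.

```shell
#!/bin/sh
# Added example, not TKG/Pinniped code. Validates and normalizes the LDAP
# "host" value used by the Pinniped secrets so the uppercase-hostname error
# is caught before the secret is updated.
#
# To inspect the current values (assumption: values are stored under the
# key values.yaml, and the secret lives in tkg-system):
#   kubectl -n tkg-system get secret <cluster>-pinniped-addon \
#     -o jsonpath='{.data.values\.yaml}' | base64 -d

# Returns 0 when $1 is an IPv4 address or a DNS-1123 subdomain, otherwise 1.
# Assumption: this is the rule behind "is not a valid hostname or IP address".
is_valid_ldap_host() {
  host=$1
  # Dotted-quad IPv4 is accepted as-is (IPv6 is not handled here).
  if printf '%s' "$host" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$'; then
    return 0
  fi
  [ "${#host}" -gt 0 ] && [ "${#host}" -le 253 ] || return 1
  # Lowercase letters only: "XYZ.local" fails here, "xyz.local" passes.
  printf '%s' "$host" \
    | grep -Eq '^([a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?\.)*[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?$'
}

# Lowercases a "host[:port]" endpoint: "XYZ.local:636" -> "xyz.local:636".
normalize_ldap_endpoint() {
  printf '%s' "$1" | tr '[:upper:]' '[:lower:]'
}

# Validates a "host[:port]" endpoint as written in the secret. Prints a
# diagnostic with the corrected value and returns 1 when the host part
# would be rejected; returns 0 when it is acceptable.
check_ldap_endpoint() {
  endpoint=$1
  host=${endpoint%:*}   # strip a trailing :port if there is one
  if is_valid_ldap_host "$host"; then
    return 0
  fi
  echo "host \"$host\" is not a valid hostname or IP address;" \
       "use \"$(normalize_ldap_endpoint "$endpoint")\" instead" >&2
  return 1
}

# Rewrites the "host:" line of a values file read on stdin to lowercase and
# passes every other line through unchanged (key name is an assumption).
lowercase_host_line() {
  awk '/^[[:space:]]*host:[[:space:]]/ { $0 = tolower($0) } { print }'
}

# Constructed sample of an LDAP section as it might appear in the decoded
# secret values; the key layout is illustrative, not copied from a cluster.
SAMPLE_VALUES='identity_management_type: ldap
ldap:
  host: XYZ.local:636
  bind_dn: CN=xxx,OU=xxx,DC=xxx,DC=local'

# Stand-alone run: report the bad endpoint, then print the corrected values.
check_ldap_endpoint "XYZ.local:636" || true
printf '%s\n' "$SAMPLE_VALUES" | lowercase_host_line
```

Run the corrected output through your normal secret update (re-encode with base64 and patch the secret), then watch the LDAPIdentityProvider status and the Pinniped pkgi until it reports HEALTHY. Only the "host" value needs to change; the RootCAData is not affected by the hostname case.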
Before upgrading a management cluster configured to use an LDAP identity provider to Tanzu Kubernetes Grid v2.3, update your LDAP settings as described in (LDAP Only) Update LDAP Settings. All existing LDAP settings will be automatically migrated to the new Pinniped format during the upgrade of the management cluster to v2.3.
https://docs.vmware.com/en/VMware-Tanzu-Kubernetes-Grid/2.3/tkg-deploy-mc/mgmt-upgrade-mc.html#ldap-only-update-ldap-settings-1