All accounts from one specific AD domain fail to log in to vCenter Server.
This AD domain is configured as an Active Directory over LDAP identity source in vCenter Server.
Accounts in other domains are not impacted.
Accounts in the SSO domain (vsphere.local) are not impacted.
The following messages are found in /var/log/vmware/sso/ssoAdminServer.log on vCenter Server:

####-##-##T##:##:##.##Z ERROR ssoAdminServer[104:pool-2-thread-5] [OpId=########-####-####-####-############] [com.vmware.identity.idm.server.ServerUtils] cannot establish ldap connection with URI: [ldap://example.com:389] because [Invalid credentials] therefore will not attempt to use any secondary URIs
####-##-##T##:##:##.##Z ERROR ssoAdminServer[104:pool-2-thread-5] [OpId=########-####-####-####-############] [com.vmware.identity.idm.server.ServerUtils] Exception 'com.vmware.identity.idm.IDMLoginException: Failed to probe provider connectivity [URI: ldap://example.com:389 ]; tenantName [vsphere.local], userName [example\user01]'
Caused by: com.vmware.identity.interop.ldap.InvalidCredentialsLdapException: Invalid credentials
vCenter 7.0.x
vCenter 8.0.x
The service account configured for the identity source in vCenter Server (example\user01 in the log above) is locked out or expired (the account or its password), so the LDAP bind to the domain controller is rejected with Invalid credentials and every user login through that identity source fails.
There are two solutions:
1. Unlock the AD service account, or reset its password, on an AD domain controller.
In some cases the identity source in vCenter Server then needs to be edited with the new credentials, or removed and re-added.
2. Edit the identity source in vCenter Server to use another active AD account.
Refer: Active Directory over LDAP and OpenLDAP Server Identity Source Settings
https://techdocs.broadcom.com/us/en/vmware-cis/vsphere/vsphere/8-0/active-directory-ldap-server-identity-source-settings.html
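Before changing anything in AD, it is worth confirming which of the causes above applies. When an Active Directory simple bind fails, the domain controller appends an NT status sub-code ("data 775", "data 532", ...) to the LDAP error 49 diagnostic message, and that code distinguishes a locked-out account from an expired password or a plain wrong password. The script below is an added example, not from the KB article or from VMware: it binds as the service account with an OpenLDAP ldapsearch client (assumed to be installed on a Linux host that can reach the domain controller) and decodes the data code. The host name example.com and the bind name example\user01 are taken from the log above; the sample ldapsearch output used for the offline demonstration is constructed.

```shell
#!/bin/sh
# Added example (not the KB's own procedure): reproduce the bind that
# vCenter performs for the AD over LDAP identity source and explain why
# it fails, using the AD "data NNN" sub-code in the diagnostic message.
# Assumes an OpenLDAP ldapsearch client; host/user names are assumptions.

# Map the hex code after "data " in an AD bind failure to a reason.
# AD appends these NT status sub-codes to LDAP error 49 (invalidCredentials);
# 775 (locked out), 532 (password expired) and 701 (account expired) are
# the cases this KB describes. 52e is an ordinary wrong password.
ad_bind_reason() {
    diag="$1"
    code=$(printf '%s\n' "$diag" \
           | sed -n 's/.*, data \([0-9a-fA-F]*\),.*/\1/p' | head -n 1)
    case "$code" in
        775)     echo "account locked out" ;;
        532)     echo "password expired" ;;
        701)     echo "account expired" ;;
        533)     echo "account disabled" ;;
        773)     echo "user must change password at next logon" ;;
        52e)     echo "wrong password or wrong bind DN" ;;
        525)     echo "user not found" ;;
        530|531) echo "logon not permitted (time or workstation restriction)" ;;
        "")      echo "no AD data code in diagnostic message" ;;
        *)       echo "unknown AD data code $code" ;;
    esac
}

# Perform the same simple bind the identity source uses and report the
# outcome. Plain ldap:// on 389 sends the password in clear text, exactly
# as the configured URI in the log does; prefer ldaps:// or add -ZZ
# (STARTTLS) when the DC supports it. -w puts the password on the command
# line (visible in the process list); use -W to be prompted instead.
probe_bind() {
    host="$1"; binddn="$2"; passwd="$3"
    out=$(ldapsearch -x -H "ldap://$host:389" -D "$binddn" -w "$passwd" \
                     -b '' -s base '(objectClass=*)' 2>&1)
    rc=$?
    if [ "$rc" -eq 0 ]; then
        echo "bind OK as $binddn"
    else
        echo "bind FAILED (ldapsearch rc=$rc): $(ad_bind_reason "$out")"
    fi
    return "$rc"
}

# Constructed sample of what ldapsearch prints for a locked-out account
# (the DSID and version suffix vary; only the data code matters here).
SAMPLE_LOCKED='ldap_bind: Invalid credentials (49)
    additional info: 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 775, v1db1'

ad_bind_reason "$SAMPLE_LOCKED"   # account locked out

# Live check against the domain controller (uncomment to run):
# probe_bind example.com 'example\user01' "$SERVICE_ACCOUNT_PASSWORD"
```

If the live check reports "account locked out", solution 1 (unlock in AD) is enough and the identity source can be left alone; if it reports "password expired" or "account expired", the password or account must be reset in AD and the identity source re-entered with the new password, which is the case the note under solution 1 refers to. A result of "wrong password or wrong bind DN" means the credentials stored in the identity source no longer match AD, so edit the identity source rather than touching the account.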