UIM is configured to connect to Windows Active Directory servers for LDAP SSL authentication. The LDAP server configured in the hub probe is the Windows domain name, and requests are sent to various LDAP servers in the network. LDAP tests may succeed, but authentications fail intermittently. The hub logs show these failures:
Jan 5 04:58:48:363 [2504] 0 hub: do_ldap_query [LDAP] - open failed: auth (ldap_simple_bind_s) failed: 'Server Down' (81)
Capturing the packets using Wireshark (or another packet capture tool) will show RST packets coming from some of the LDAP servers.
The SSL certificates on some of the LDAP servers have expired, causing some connections to be reset.
The LDAP admin team should review the LDAP servers to confirm that all SSL certificates are valid and active. Applying valid certificates to all LDAP servers allows all SSL LDAP requests to succeed and resolves the issue.
Workaround:
To work around the issue while the certificates are being updated, you can change the UIM hub configuration to use a specific LDAP server that has a current certificate.
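One way to find which servers behind the domain name present an expired certificate, and which one is safe to pin for the workaround, is sketched below. This is an added example, not part of the original article or of UIM; the domain name `corp.example.com` and the CA bundle `corp-ca.pem` are placeholders, and it assumes the issuing CA is supplied in that bundle.

```python
# Added example, not UIM code: check the LDAPS certificate on every server
# behind a domain name. Domain and CA bundle below are placeholders.
import socket
import ssl
from datetime import datetime, timezone

EXPIRED = 10  # OpenSSL X509_V_ERR_CERT_HAS_EXPIRED

def days_left(not_after, now):
    """Whole days until notAfter (string format used by ssl.getpeercert())."""
    expiry = datetime.fromtimestamp(ssl.cert_time_to_seconds(not_after), timezone.utc)
    return (expiry - now).days

def classify(not_after, now, warn_days=30):
    """Return 'expired', 'expiring' or 'ok' for one notAfter value."""
    remaining = days_left(not_after, now)
    if remaining < 0:
        return "expired"
    return "expiring" if remaining < warn_days else "ok"

def probe(address, port=636, cafile=None, timeout=5):
    """TLS handshake with one server address; returns (state, detail)."""
    ctx = ssl.create_default_context(cafile=cafile)
    ctx.check_hostname = False  # connecting by IP; only validity and trust are checked
    try:
        with socket.create_connection((address, port), timeout=timeout) as sock:
            with ctx.wrap_socket(sock) as tls:
                not_after = tls.getpeercert()["notAfter"]
        return classify(not_after, datetime.now(timezone.utc)), not_after
    except ssl.SSLCertVerificationError as err:
        state = "expired" if err.verify_code == EXPIRED else "untrusted"
        return state, err.verify_message
    except OSError as err:  # refused, reset or timed out
        return "unreachable", str(err)

def check_domain(domain, port=636, cafile=None):
    """Probe every address the name resolves to, not just the first one."""
    infos = socket.getaddrinfo(domain, port, type=socket.SOCK_STREAM)
    addresses = sorted({info[4][0] for info in infos})
    return {addr: probe(addr, port, cafile) for addr in addresses}

if __name__ == "__main__":
    results = check_domain("corp.example.com", cafile="corp-ca.pem")
    for addr, (state, detail) in results.items():
        print(f"{addr:40} {state:10} {detail}")
```

Servers reported as `expiring` still work today but will produce the same intermittent failures once the date passes, so they belong on the renewal list as well.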