When you open the Configuration Manager page, SSPR displays a warning message for LDAP stating LDAP Test User error. This issue occurs because SSPR generates random password for test user and Active Directory does not allow frequent changes to the test user password. This may result in new user registration failure.
This happens when you have configured a user distinguished name (dn) for a test user during the SSPR configuration and specified TESTUSER in the Password Policy Template setting, under New User Registration. As you require different password policies for different profiles, it is recommended that you skip specifying the test user dn during SSPR configuration. You can provide a user dn, whose password policy can be used for a specific profile, by using the Password Policy Template setting.
This issue can also happen if you have not specified any test user during the SSPR configuration and the Password Policy Template setting is set as TESTUSER. You need to specify the user dn in the Password Policy Template setting to resolve this issue.