Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
I had an identical issue as OP. I was able to give 'ldap-login-dn' user Account Operator privielges and then succeeded in solving the issue. I am rating your post 5 star since it would have fixed me.
