TLS is not used with LDAP server during password change, password is transmitted in cleartext.
vulners.com/securityvulns/securityvulns:doc:9055
vulners.com/securityvulns/securityvulns:doc:9059
vulners.com/securityvulns/securityvulns:doc:9181