Go to windows firewall > Advance Settings > Inbound Rules > Active Directory Domain Controller – LDAP (UDP-in) and change the connection to “Allow the connection if it is secure”.
If rule not exists, other than AD server create a new rule and apply.
MYOUSUFALI # Windows Blog 