We recently upgraded to CAPC 2.7 and NFA 9.3.3. The LDAP configuration, using SsoConfig tool, worked very well following the CAPC upgrade. However, following the NFA upgrade, user login was not possible on NFA. After some extensive troubleshooting, it turned out that the LDAP configurations on NFA were missing a password for the LDAP user. The configurations are replacated from CAPC - using the "Remote Value" in the LDAP configurations, and these were not preserved after the upgrade. CA has to find a way of preserving these configurations after an upgrade.