The LDAP monitor Perl script nsldap.pl sends wrong passwords to the LDAP directory. The result with many LDAP directories is a blocked / deactivated account used with the LDAP monitor. Hopefully you DO NOT use a service account here, which is used in many places and systems … d’oh!
In case you run into this issue and your LDAP load balancer is DOWN after the upgrade to the newest firmware, head over to CTX312196. There, you’ll find a link to download the bug-free nsldap.pl script. It’s not as easy as copying the modified Perl script to its /netscaler/monitors directory – as the firmware is extracted from scratch with every reboot of your appliance or VM, the buggy script is copied over. Instead, you need to create / modify good old rc.netscaler script.
The Citrix article shows you the details. Citrix will fix this issue with the next release planned in end of July.