LDAPCP has limitations which SharePoint administrators should be aware of before installing it.
When LDAPCP cannot be used
- SharePoint servers have no network access to the AD/LDAP server which contains the users.
New-SPTrustedIdentityTokenIssuerwas run with the switch
- It is already associated with a trust, and you want to associate it with a new trust.