Update: I was able to change the ldap user pw back to what it was, so I'm able to log in again with my domain admin account. After I got logged in with the domain account, I tried resetting the pw again on the AD user object and in vcenter, but I still got the network error so I guess it isn't a problem with the local admin account after all.
Seems like if ldap (actually, ldaps) is working well enough for SSO to work, it would be working well enough to let me change the password unless that uses some other port. Any ideas are appreciated so I can reset the pw at some point.
Thanks.
VMWare Environment: vSphere 7.0, EQ PS6210 SANs, Dell R730 Hosts, dedicated Dell switches w/ separate vlans for vmotion and iscsi.