MX67 on 18.211 connecting to 2x fully patched 2016 DCs with self-signed certificates

Not sure when this happened, but noticed that I am getting a WMI error in the dashboard when connecting to either AD server in Security & SD-WAN - Active Directory. This worked from the beginning when the MX was installed.

Tried a new account, know the password is right, always

Have the same setup at a few other customers and they are working fine. Not sure what is different.

Security logs on the DCs show the password is not right, but I know it is.

Tried changing the short domain to just domain from domain.local, changed the user to user, domain\user, user@domain.local.

Seeing this on the DCs:

An account failed to log on.

Subject:
Security ID: NULL SID
Account Name: -
Account Domain: -
Logon ID: 0x0

Logon Type: 3

Account For Which Logon Failed:
Security ID: NULL SID
Account Name: svc.merakildap
Account Domain: WORKGROUP

Failure Information:
Failure Reason: Unknown user name or bad password.
Status: 0xC000006D
Sub Status: 0xC000006A

Process Information:
Caller Process ID: 0x0
Caller Process Name: -

Network Information:
Workstation Name: MAC17C8D12801
Source Network Address: 192.168.0.1
Source Port: 46424

Detailed Authentication Information:
Logon Process: NtLmSsp
Authentication Package: NTLM
Transited Services: -
Package Name (NTLM only): -
Key Length: 0

 Could it be because of NTLM as the package?