It is really weird, it was all working, then for some reason the LDAP connection to domain was lost.
But the funny thing is the LDAP sync rules connect to AD/LDAP every 10 mins and are working fine.
LDAP connection setting are working I see the domain structure....
And as I mention I turn off the User Window AD in the client settings and it works for the firewalls but not for the fortimanager, fortianalyzer, or fortiweb... and the error is always the same.
I'm going to upgrade it to 6.3 and then to 6.4 and see if that fixes things