Are you sure you are using the administrator account out of UCS’ ldap or is it Keycloak’s admin account?
The Keycloak realm ‘ucs’ points to a non-TLS port but is configured to use STARTTLS. There’s a (german) post about the error here: Error in Keycloak LDAP Query - TLS Problem to LDAP - #2 by hasechris92
If you didn’t change that (e.g. uncheck USE STARTTLS ) keycloak can’t get your users from Ldap.