I logged in to Web client with the admin@domain-system account and saw that sign on and discovery configuration the active directory identity still prompts to the old server. I changed it to the new server, but the test cannot see the new DC server. I realise the ldap url points to a port.3268.
Did you try deleting the identity source and create a new one with the new Domain controller . Restart the Single Sign On and VC to take the changes effect.