It’s still possible that way on the NS8 but it’s not the best for security, see https://wiki.samba.org/index.php/Configuring_LDAP_over_SSL_(LDAPS)_on_a_Samba_AD_DC#SASL_over_TLS:_A_bad_idea
Here is the command to add the option to the include.conf in the samba-dc container:
To apply the change, samba-dc needs to be restarted, see AD LDAP binding error (strong authentification required) - #5 by etique57