DS changed the password storage scheme to PBKDF2 for the cn=Directory Manager. This has a major performance impact on bind operations.
IDM uses the cn=Directory Manager user to connect to the DS IDM repository by default. This should be a dedicated non admin service account like we set in the setup profiles for for example the DS Identity repository.
Also from a security perspective using an admin account for your application to connect to external DS servers can cause a security risk.
The workaround would be to create a non admin service account and configure IDM to use that account instead of the cn=Directory Manager one.