@Stephen Elaschuk Thank you for reaching out to us, As I understand you are updating LDAPS Certificate of Azure AD Domain Services, I have researched on your ask and also confirmed with my team as this is a modify operation on the AADDS deployment, you need to have tenant admin i.e Global Admin privileges are required to make this change.
Let me know if you have any further questions, feel free to post back.
Please remember to "Accept Answer" if answer helped, so that others in the community facing similar issues can easily find the solution.