Hello -

We had our CIMCs configured to use encrypted AD authentication and until we began to update the domain controllers to Server 2012, everything worked fine. Since the 2012 DCs have been introduced, encrypted authentication no longer works. The message "Login failed. Verify that your username and password are correct." is displayed.

The following is found in the CIMC log:

pam_ldap_manager(webgui:account): Can't contact LDAP server, error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol: Please check the correct Certificate Authority (CA) certificate has been uploaded to AVCT.  Please also check if the AVCT date is within the valid period of the certificates and the Domain Controller Address configured in AVCT matches the subject of the directory server certificate: user=username@domain.com, host=xxx.xxx.xxx.xxx

This is repeated for each configured DC in the Active Directory Properties tab. Changing the configuration to a 2008R2 DC allows for a successful authentication.

Interestingly, SSH connections are still able to authenicate using AD accounts.

Testing has been done primarliy on a UCS C260M2 (C260.1.5.1.0), CIMC ver 1.5(1b), AD Domain / Forest functional leve - Windows Server 2008R2, Domain Controllers - Windows Server 2012 Enterprise (Core)

Does anyone have any suggestions on how to get encrypted authenication working against Server 2012 DCs?