Currently, the LDAP authentication happens without SSL, and that is how it's configured in UCSM. Does anyone know how to configure UCSM to use LDAP channel binding and LDAP signing when talking to the domain controllers for authentication?
I have come across the below article which Cisco has put out about SSL and LDAP, but it's not that helpful.
Install a cert from your root CA as a new keyring on the UCS.
Make that the active certificate in communications settings.
Then make sure that your LDAP services are set up for SSL.
One point worth noting, for me at least, is that after the certificate is configured and valid in UCS, from the LDAP provider screen you can select SSL (it's a check box). Typically the port is 636 for that and not 389. But when I select 636, I haven't got it to work, but if I use 386 with SSL checked it works, and in SCOM the alert is not generated when I log in using my domain IDs.
So for now, I think I am going to leave it on that as long as it's not alerted for unsigned LDAPs.
Best of luck and yes this is a bit tricky and a hit and miss!
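To see from the domain controller's side which of the two encrypted paths discussed above actually works, the following added example (not part of the thread and not Cisco code) probes LDAPS on 636 and a StartTLS upgrade on 389, validating the DC certificate against your root CA. It assumes that "SSL checked" on the plain LDAP port means an RFC 4511 StartTLS upgrade, which the thread does not state; the host name and CA file are supplied by you.

```python
import socket, ssl, sys

# LDAPMessage{ messageID=1, ExtendedRequest{ requestName=StartTLS OID } } (RFC 4511)
STARTTLS_OID = b"1.3.6.1.4.1.1466.20037"
STARTTLS_REQUEST = (b"\x30\x1d\x02\x01\x01\x77\x18\x80"
                    + bytes([len(STARTTLS_OID)]) + STARTTLS_OID)

def read_tlv(buf, pos=0):
    """Return (tag, value, next_pos); handles BER long-form lengths."""
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:                      # long form: low bits = number of length bytes
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    return tag, buf[pos:pos + length], pos + length

def starttls_result(resp):
    """Extract resultCode from an LDAP ExtendedResponse (0 means success)."""
    tag, msg, _ = read_tlv(resp)
    if tag != 0x30:
        raise ValueError("not an LDAPMessage")
    _, _, pos = read_tlv(msg)              # skip messageID
    tag, op, _ = read_tlv(msg, pos)
    if tag != 0x78:
        raise ValueError("not an ExtendedResponse")
    _, code, _ = read_tlv(op)              # ENUMERATED resultCode
    return int.from_bytes(code, "big")

def probe(host, ca_file, timeout=5):
    """Return {port: TLS version or failure reason} for LDAPS and StartTLS."""
    ctx = ssl.create_default_context(cafile=ca_file)  # verifies chain and host name
    results = {}
    for port, use_starttls in ((636, False), (389, True)):
        try:
            with socket.create_connection((host, port), timeout=timeout) as raw:
                if use_starttls:
                    raw.sendall(STARTTLS_REQUEST)
                    code = starttls_result(raw.recv(4096))
                    if code != 0:
                        raise ConnectionError(f"StartTLS refused, resultCode={code}")
                with ctx.wrap_socket(raw, server_hostname=host) as tls:
                    results[port] = tls.version()
        except (OSError, ValueError, IndexError) as exc:
            results[port] = f"FAILED: {exc}"
    return results

if __name__ == "__main__":                 # usage: script.py <dc-hostname> <root-ca.pem>
    print(probe(sys.argv[1], sys.argv[2]))
```

A failure on 636 with a certificate error points at the DC's own certificate or the CA chain rather than at the UCSM keyring.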