VCSA / LDAPS vs IWA domain-joined

[Frosty]

I recently updated Veeam to latest version and also vCenter VCSA v7.0 U1. All working just fine.
Separately I am working through replacing insecure LDAP with LDAPS and this has led to a Veeam question.
At the moment vCenter is domain-joined and we're using its Integrated Windows Authentication (IWA) not LDAP or LDAPS.
vCenter IWA is deprecated and I want to switch to using LDAPS.
So this means having vCenter and vSphere ESXi hosts being de-joined from the Windows domain I guess.
Does anyone know whether de-joining and then using only LDAPS is going to cause me issues with Veeam interacting with vCenter?

[HannesK]

Hello,
just to be 100% sure... you are asking for the identity source "Active Directory over LDAP" where LDAPS can be enabled?

this screen?


as far as I understand the case mentioned in this thread post371292.html#p371292, it works.

In the case I see that a change from NETBIOS name to FQDN solved the authentication issue.

Best regards,
Hannes

[Frosty]

Thanks, yes, that's the stuff I am referring to, identity source "Active Directory over LDAP" but setting it up for LDAPS.
That other discussion URL was very helpful and I think confirms what I need to do.
I'm going away on leave tomorrow, so am going to postpone making the change for a couple of weeks.
But I think I will create a new vCenter local account for Veeam to use.
Once proven to be working, I will add LDAPS integration for admins to login with.
Cheers,
Steve