Is it possible to join hosts (ESXi v7.0.3) to AD using LDAPS (rather than just LDAP)? I can't see an obvious way to do it; there's no way I can see to add a cert and no option to select LDAPS vs LDAP (and the default definitely just sends LDAP requests for the bind).
I already have vCenter joined to AD using LDAPS and that works fine but I wanted to join the hosts as well (although I'm aware there's some debate as to whether this is actually a good idea from a security perspective).
I can see there's an option to use the vSphere Authentication Proxy, but I've not configured that before. Would that be a way to ensure LDAPS is used? Although I'd also prefer this not to be dependent on the vCenter being available, so even if using the vSphere Authentication Proxy would be a way to get it working, I'm not sure I'd want to go down that route.
I have successfully tested connecting some of the hosts using LDAP but at some point our intention is to block LDAP requests to our domain controllers.