Since our team updated OneView we have been getting the attached error message. We can login using the local Administrator credentials but cannot login using a domain account.
I have tried searching online and can find no articles for this specific issue. We did believe it may be a certificate issue but there are no indications that there is anything wrong with the certs on the appliance. The only issue I can see is that the CRL show as expired when they are in date.
Were the username/password fields not displayed on the screen? (or just omitted from the screen capture?)
The "could not negociate the desired level of security" doesn't imply a certificate issue. It implies a cipher suite issue (e.g. the TLS handshake failed to negotiate a cipher in common). Is there any special configuration on the AD side with regard to cipher suite support? OV itself can do TLS 1.0, 1.1, and 1.2 with all the standard ciphers supported.
If you don't think it's related to TLS ciphers on the AD side, can you check you AD server certificates. Presumably you have multiple directory servers defined in OV for the the AD domian. In that case, you usually have a CA-root and or intermediates that have signed the AD server certs. That root and the intermediate(s) have to be in the trust store. Can you check the certificate chain and validate that's the case.
