Hi - once you provision your system in Enterprise Mode using either Server or Mutual Authentication you cannot access AMT using Digest Authentication unless you re-provision in Small Business Mode or Enterprise/NON-TLS.
For the next part of your question, you would have to look at how your network environment is designed. In order to manage an AMT system, you have to be able to log on to a system that has your management software on it (or you can at least accessthe Web UI, perhaps.) Both systems need to be accessible to each other on the network. If you are operating in Enterprise TLS with either Mutual or Server Authentication then your management console needs to have the right credentials in order to authenticate with the AMT system, so you are correct - if your AD/CA system goes down and you have not built in redundancy into your network environment youwould not be able to authenticate with your AMT systems and so you would not be able to manage them until those systems were back on line.
Any other responses from our Forum Users?