After some investigation it seems, that my problem is related more to ESXis or/and Active Directory LDAP configuration than to the FSM. I noticed, that when trying to access ESXi host using SSH I sometimes must enter my credentials twice (each time they are 100% correct) - this seems to be perfectly related to Access failed error message which I get after specifying ESXi domain credentails in FSM for the first time (this symptom was desribed in my 1st post).
Concerning your question about the benefits of managing OS endpoints from FSM without vCenter endpoint discovery: It all started when I was updating my PureFlex components to v. 1.3.1. As I understood from "IBM Flex System and IBM PureFlex Firmware Updates Best Practices" guide, Operating System endpoints must be discovered by the FSM before the upgrade process starts. I was also thinking at that time, that after I discover and inventory OS endpoints of ESXi nodes I will be able to apply drivers update (included in UXSP for ESXi 5.1) from FSM, but I wasn't successfull with that.
I'm currently doing some activities to get my ESXi's working with Active Directory (hoping that it will make the FSM working with ESXi OS MEPs using AD authentication). I will post the results here after I'm done.