This is a known issue in vSphere 6.x. There is currently no resolution.
Workaround:
To work around this issue you can include the optional -sdOptsFile flag and sdopts.rec configuration to manually load balance between RSA Authentication servers. Ensure you have valid backup before proceeding:
1. Manually create sdopts.rec file and specified servers with priority levels. See
https://community.rsa.com/docs/DOC-46997cat /root/sdopts.rec
USESERVER=192.168.1.1,10
USESERVER=192.168.1.2,8
USESERVER=192.168.1.3,52. Reconfigure with sdopts.rec using -sdOptsFile flag
cd /opt/vmware/bin
./sso-config.sh -t vsphere.local -set_authn_policy -securIDAuthn true
./sso-config.sh -set_rsa_site -t vsphere.local -agentName vcenter65.domain.corp -sdConfFile /root/sdconf.rec -sdOptsFile /root/sdopts.rec3. Restart the vmware-sts-idmd service
service-control --stop vmware-sts-idmd
service-control --start vmware-sts-idmdFor More information, see:
Upgrading to VCS 7.0, Smart Card & RSA SecurID Authentication stops