• NSX is integrated with vIDM and vROPS.

• vROPS is using vIDM authentication.

• Intermittently failed login attempts from vROPS are seen in the NSX manager logs:
  
  NSX 4752 SYSTEM [nsx@6876 audit="true" comp="nsx-manager" level="INFO" subcomp="http"] UserName="[email protected]@192.0.2.200", ModuleName="ACCESS_CONTROL", Operation="LOGIN", Operation status="failure"

• After enabling debug for service HTTP (CLI: set service http logging-level debug) we see below debug logs under /var/log/proxy/reverse-proxy.log:
  
  DEBUG https-jsse-nio-10.0.0.1-443-exec-47 MainClientExec 6215 Opening connection {s}-><VIDM-server-IP>:443
DEBUG https-jsse-nio-10.0.0.1-443-exec-47 DefaultHttpClientConnectionOperator 6215 Connecting to <VIDM-server-IP>:443
DEBUG https-jsse-nio-10.0.0.1-443-exec-47 SSLConnectionSocketFactory 6215 Connecting socket to <VIDM-server-IP>:443 with timeout 0
DEBUG https-jsse-nio-10.0.0.1-443-exec-47 DefaultManagedHttpClientConnection 6215 http-outgoing-14207727: Shutdown connection
DEBUG https-jsse-nio-10.0.0.1-443-exec-47 MainClientExec 6215 Connection discarded

VMware NSX-T 3.x
VMware NSX 4.x

vROPs is not using JSESSIONS or session cache and that can overload the processing between NSX and the vIDM server which can trigger login failures.

This issue is resolved in VMware NSX 4.2.0 available at Broadcom Downloads.
If you are having difficulty finding and downloading software, please review the Download Broadcom products and software KB.