You may observe that authentication requests to VMware Identity Manager (vIDM) fail intermittently, timing out or responding very slowly. Health checks initiated from VMware Aria Suite Lifecycle (ASL) may also appear sluggish or hang indefinitely.

Although the vIDM appliances show low system utilization in vCenter (<1 vCPU of 8, <4 GB memory of 16 GB), user login and ASL operations remain degraded.

On the problematic node in the cluster, you see No Route to host errors located in the /opt/vmware/horizon/workspace/logs/configurator.log

VMware Identity Manager 3.3.7

VMware Aria Suite Lifecycle 8.18.x

AVI Load Balancer (NSX Advanced Load Balancer)

The issue is caused by expired NSX Cloud admin credentials in the AVI Controller.

• The Service Engine group for the vIDM virtual service had been changed from the default deployed by LCM to an N+M HA mode, deploying three Service Engines.

• Because AVI could not authenticate to NSX with the expired credentials, it failed to fully configure the Service Engines.

• As a result, traffic routed through one of the Service Engines (node02) was not processed correctly, causing timeouts for authentication and ASL health checks and failing authentication requests with no route to host errors from node02.

Update the NSX Cloud admin account password in AVI:

1. Log into the AVI Controller.

2. Go to Infrastructure > Clouds > VCF Mgmt > NSX Credentials.

3. Update the admin password to the current value.

4. Allow AVI to reconfigure the Service Engines for the vIDM virtual service.

5. Confirm that authentication works consistently and health checks in ASL complete successfully.