Users may be unable to log in to integrated products, such as VMware Aria Automation, that rely on vIDM (VMware Identity Manager) for authentication.

In the vIDM admin console, you may observe the following symptoms:

• Directory synchronization fails.

• In a clustered environment, the sync may fail when pointed to one connector (e.g., node 3) but succeed when pointed to other connectors (e.g., node 1 or 2).

• Reviewing service logs (e.g., horizon.log) on the affected appliance reveals "no space left on device" errors with regards to the file /opt/local/horizon/conf/krb5.conf

VMware Identity Manager 3.3.7

The root cause is a full disk partition ("no space left on device") on one or more of the vIDM appliances.

When the disk is full, automated file management tasks performed by the horizon-workspace service are interrupted. This interruption can cause critical configuration files to become corrupted or deleted.

In this scenario, the /usr/local/horizon/conf/krb5.conf file was missing on the affected nodes. This file is required for the service to load the authentication adapters used by the directory. Its absence prevents directory sync and user logins from functioning on those specific nodes.

Prerequisites

• You have valid and recent snapshots or backups of the system.
• You have access to root and SSH connection applications such as puTTy.

Procedure

1. Log in to the affected vIDM appliance(s) via SSH.

2. Resolve the immediate disk space issue. You may need to clear old logs or other non-essential files to create free space.

3. Identify a healthy node in the cluster (e.g., node01) that contains a valid /usr/local/horizon/conf/krb5.conf file.

4. Copy the krb5.conf file from the healthy node to the affected node(s) (e.g., node02, node03) in the same directory: /usr/local/horizon/conf/.

5. After copying the file, you must set the correct ownership and permissions. Follow the specific file permission steps documented in Broadcom Knowledge Base article 314594.