"Invalid Hostname Match" in config-state.json after recreating vIDM embedded connector

Products

VCF Operations/Automation (formerly VMware Aria Suite)

Issue/Introduction

vIDM cluster services are down, often following a disk-full event on one or more nodes.
Attempting to fix config-state.json corruption using KB 322679 fails because automatic backups (e.g., config-state.json.bak) are also corrupted.
After recreating the embedded connector using KB 374867 on the primary node (Node01), users are still unable to log in.
The horizon.log on Node01 shows new errors related to an "invalid hostname match."
Inspecting the newly generated config-state.json reveals multiple entries for other nodes in the cluster (e.g., Node02, Node03) instead of the Load Balancer FQDN.

Environment

VMware Identity Manager 3.3.x

Cause

This article provides a last-resort procedure for a corner case where the connector recreation process (KB 374867) fails to populate the config-state.json with the correct local node or load balancer metadata. This can occur if the cluster state was severely corrupted prior to the recreation attempt.

The procedure involves manually editing the config-state.json file to correct the invalid hostname references.

Resolution

WARNING: This procedure involves manually editing a critical configuration file. This is not a standard recovery step and should be considered a last resort when all other documented procedures have failed.

Proceed with extreme caution. Typos or incorrect JSON formatting will prevent services from starting.
VMware Support does not typically recommend direct modification of this file.
Take a cold snapshot of all vIDM nodes before proceeding.
Back up the current (broken) config-state.json file before making any edits:

cp /usr/local/horizon/conf/config-state.json /usr/local/horizon/conf/config-state.json.MANUAL_EDIT_BACKUP

Procedure

Isolate the Node: Ensure the node being worked on (e.g., Node01) is the only one active in the IDP configuration. If other nodes (Node02, Node03) are still part of the cluster configuration, remove them from the IDP settings to prevent them from interfering or overwriting changes.
Stop the Service: Stop the horizon-workspace service on Node01.
```
service horizon-workspace stop
```
Edit the File: Open the config-state.json file in a text editor (like vi).
```
vi /usr/local/horizon/conf/config-state.json
```
Find and Replace:
- Carefully search for all string instances of the incorrect hostname (e.g., node02.example.com).
- Replace each incorrect instance with the correct FQDN of the Load Balancer (e.g., vidm.example.com).
Note: This file contains large, complex JSON blobs. Use the search function (/) in vi to find all occurrences. Be careful not to break the JSON syntax (e.g., mismatched quotes or commas).
Save and Exit: Save your changes to the file.
Restart the Service: Start the horizon-workspace service.
```
service horizon-workspace start
```
Validate: Monitor the horizon.log for errors. Attempt a user login to confirm the fix.
Post-Resolution: Once Node01 is confirmed working, the other nodes (Node02, Node03) should not be rejoined. Re-recreate these connectors similarly and ensure they do not contain anything other than the VIP address in the URL fields in the file, then rejoin them to the IDP configuration.