You can set up the VMware Identity Manager Connector for high availability and failover by adding multiple connector instances in a cluster. If one of the connector instances becomes unavailable for any reason, other instances will still be available.

To create a cluster, you install new connector instances and configure them in exactly the same way as you set up the first connector.

You then associate all the connector instances with the Built-in identity provider. The VMware Identity Manager service automatically distributes traffic among all the connectors associated with the Built-in identity provider. A load balancer is not required. If one of the connectors becomes unavailable because of a network issue, the service does not direct traffic to it. When connectivity is restored, the service resumes sending traffic to the connector.

After you set up the connector cluster, the authentication methods that you enabled on the connector are highly available. If one of the connector instances is unavailable, authentication is still available. For directory sync, however, in the event of a connector instance failure, you will need to manually select another connector instance as the sync connector. Directory sync can only be enabled on one connector at a time.

Note:

This section does not apply to high availability of Kerberos authentication. See Adding Kerberos Authentication Support to Your VMware Identity Manager Connector Deployment.