You can set up the VMware Identity Manager connector for high availability by adding multiple connector instances in a cluster. If one of the connector instances becomes unavailable for any reason, other instances will still be available.

To create a cluster, you install new connector instances and configure them in exactly the same way as you set up the first connector.

You then associate all the connector instances with the Built-in identity provider. The VMware Identity Manager service automatically distributes traffic among all the connectors associated with the Built-in identity provider. A load balancer is not required. If one of the connectors becomes unavailable because of a network issue, for example, the service does not direct traffic to it. When connectivity is restored, the service resumes sending traffic to the connector.

After you set up the connector cluster and associate all the connectors with the Built-in identity provider, the authentication methods that you enabled on the connector are highly available. If one of the connector instances is unavailable, authentication will still be available.

In VMware Identity Manager on-premises installations, beginning with version 19.03, you can also set up high availability for directory sync. To set up high availability for directory sync, you associate all the connector instances with the directory and then set up a Sync Connectors list for the directory. The connectors in the Sync Connectors list are arranged in failover order. The VMware Identity Manager service uses the first connector in the list for directory sync. If the first connector is unavailable, it uses the second connector, and so on. The Sync Connectors list is set per directory from the directory's Sync Settings page.

In VMware Identity Manager cloud, the directory sync high availability feature is not available. In the event of a connector instance failure, you need to manually select another connector instance as the sync connector.

Note: This section does not apply to high availability of Kerberos authentication. See Adding Kerberos Authentication Support to Your VMware Identity Manager Connector Deployment.