The article looks promising but I'll see what support comes back with.

Solution 1 doesn't apply since I'm on Horizon 7.4.0.

Solution 2 and 3 reference a ADdomain object under "OU=NgvcAdDomain,OU=Properties,DC=vdi,DC=vmware,DC=int" which I don't have. In fact I don't have any entries in the ADAM database under that path.

Solution 4 doesn't seem to apply as I don't have a C:\ProgramData\VMware\VDM\krb\ folder let alone C:\ProgramData\VMware\VDM\krb\krb5.conf.

Would this help you?

Using the vdmadmin command to exclude or include a domain on a search list for View Administrator or Security Server (2006292)

https://kb.vmware.com/s/article/2006292

We have three domains (e.g. domain1, domain2, domain3). I'm already doing a include so only 1 of our 3 AD domain (domain1) is used for Horizon logins.

The issue here is that within that single AD domain (domain1) we can only talk to 6 of the 100+ domain controllers within the same AD site that the connection servers are in. The Connection Servers are intermittently ignoring the AD site during periods of high logins (first thing in the morning and right after lunch) and trying to use all of the DC.

When you query DNS for that domain name does all the servers IP's return? I'm wondering what happens if you edit the local hosts file on the connection servers for the domain name and put in only the domain controllers you want to access.

I'm working with support and they've asked us to enable trace/full connection server logging during the time the issue occurs. We typically see it first thing in the morning when lots of users are logging in but missed it this morning.