Appears vIDM does authentication based on DNS SRV entries for the domain. In order to set which DC is used for authentication we needed to update the krb5.conf file in-line with this KB article: VMware Knowledge Base . We have adjusted as described and will be taking a DC offline tomorrow to see if we are able to reproduce the issue after these changes were made.
