I had the exact same problems but it was not possible for me to bring back the old DCs online. I removed the identity source and re-created a new one with the new DCs. Everything is working fine now.Thanks for this post. It saved me a lot of time!
P.S. to add a password to the admin@system-domain account, i did the following command:
in C:\Program Files\VMware\Infrastructure\SSOServer\utils
rsautil reset-admin-password --master-pwd your_master _password --admin-name admin --admin-pwd new_admin_password