random SAML Subject NameIdentifier missing required NameIdentifier messages on authentication

Hello,

we are using a 4 node load-balanced (F5 Bigip - least connections) NAM cluster running NAM 5.0.2. The user store consist of a cluster of 4 eDir servers which are also load balanced (least connections) via the same F5.

At random users seem to be getting the message "SAML Subject NameIdentifier missing required NameIdentifier" when trying to logon to a connected SP.

When they clear browser cookies or use a private session the authentication may succeed or fail again.

Most of the SP's are configured to use a "Transient" NameID which is configured to be "Automatically generated", so this should not be an issue of the attribute not being present in the user store (which also will not be the case, all replica's are healthy)

Is anyone else also experiencing this ? or maybe anyone has a solution to this?