VMware NSX for vSphere has to be paired with vCenter Server (VC) for enabling some features in NSX.
Configuring Lookup service in NSX is optional in both VCVA and Windows VC environments. Without the Lookup service configuration, the functionality of NSX does not affect at all with the exception of group based authentication.
Whenever you want to assign a role in NSX, you can assign a role to an SSO User or Group.If Lookup service is not configured, the group based role assignment would not work. For example, the user from that group would not be able to log in to NSX. This is because, we cannot fetch any group information from the SSO server. The group based authentication provider is only available when Lookup service is configured. User login where the user is explicitly assigned a role on NSX is not be affected. This means that the customer has to individually assign roles to the users and would not be able to take advantage of SSO groups.