• Post making changes to DNS entries in VAMI unable to access vSphere web client and the page is found stuck at loading. 
• service-control --status --all shows all the services in running status. 
• DNS details shows correctly in VAMI but nslookup on vCenter FQDN fails to resolve. 
• /var/log/vmware/vsphere-ui/logs/vsphere_client_virgo.log: 

[yyyy-mm-ddThh:mm:ss] [INFO ] p-nio-127.0.0.1-5090-exec-10 70000124 100020 ###### com.vmware.vsphere.client.security.websso.WebssoUtil  [authenticationError] Message details: id=_##############################, type=AUTHN_RESPONSE, source='https://vCenterhostname.domain.com/websso/SAML2/Metadata/vsphere.local', target='https://vCenterhostname.domain.com/ui/saml/websso/sso', issueInstant=''
[yyyy-mm-ddThh:mm:ss] [ERROR] p-nio-127.0.0.1-5090-exec-10 70000124 100020 ###### com.vmware.vsphere.client.security.websso.LogonProcessorImpl  Status: urn:oasis:names:tc:SAML:2.0:status:Requester, sub status: null
[yyyy-mm-ddThh:mm:ss] [INFO ] tp-nio-127.0.0.1-5090-exec-2 70000129 100020 ###### com.vmware.vsphere.client.security.util.Util  getUserSession called on an inactive session.
[yyyy-mm-ddThh:mm:ss] [WARN ] tp-nio-127.0.0.1-5090-exec-4  com.vmware.vise.vim.fabric.BifrostConfigurer Failed to create app-fabric connection: clientId is null

• /var/log/vmware/sso/vmware-identity-sts-default.log: 

[yyyy-mm-ddThh:mm:ss] WARN sts-default[23:jaeger.RemoteReporter-QueueProcessor] [CorId= OpId=] [io.jaegertracing.internal.reporters.RemoteReporter] FlushCommand execution failed! Repeated errors of this command will not be logged.
Caused by: java.net.PortUnreachableException: ICMP Port Unreachable
        at java.net.PlainDatagramSocketImpl.send(Native Method) ~[?:1.8.0_452]
        at java.net.DatagramSocket.send(DatagramSocket.java:693) ~[?:1.8.0_452]
        at io.jaegertracing.thrift.internal.reporters.protocols.ThriftUdpTransport.flush(ThriftUdpTransport.java:149) ~[jaeger-thrift-1.8.0.jar:1.8.0]
        at org.apache.thrift.TServiceClient.sendBase(TServiceClient.java:73) ~[libthrift-0.14.1.jar:0.14.1]
        at org.apache.thrift.TServiceClient.sendBaseOneway(TServiceClient.java:66) ~[libthrift-0.14.1.jar:0.14.1]
        at io.jaegertracing.agent.thrift.Agent$Client.send_emitBatch(Agent.java:70) ~[jaeger-thrift-1.8.0.jar:1.8.0]
        at io.jaegertracing.agent.thrift.Agent$Client.emitBatch(Agent.java:63) ~[jaeger-thrift-1.8.0.jar:1.8.0]
        at io.jaegertracing.thrift.internal.senders.UdpSender.send(UdpSender.java:84) ~[jaeger-thrift-1.8.0.jar:1.8.0]
        at io.jaegertracing.thrift.internal.senders.ThriftSender.flush(ThriftSender.java:114) ~[jaeger-thrift-1.8.0.jar:1.8.0]
        ... 3 more

• VMware vCenter Server 
• VMware vSphere ESXi

The DNS changes made in VAMI is not updated in the vCenter appliance configuration file. The underlying network configuration file in the appliance - /etc/resolv.conf still reflects the old DNS server details causing the vCenter appliance being unable to resolve its own FQDN or other critical network-dependent services (like SSO/SAML), resulting in authentication failures and an unresponsive web client.

• To verify and update the current DNS configuration using the tool - vami_config_net.
  • Open a console session of the VCSA, then login with root.
  • Run the following command:  /opt/vmware/share/vami/vami_config_net

(Command output below)

Main Menu
0) Show Current Configuration (scroll with Shift-PgUp/PgDown)
1) Exit this program
2) Default Gateway
3) Hostname
4) DNS
5) Proxy Server
6) IP Address Allocation for eth0

• • Enter option 4 to update the DNS entries. 

VMware vCenter Server Appliance hostname and DNS configuration

Update DNS Server IP address for vCenter Server