• When attempting to change the vCenter Server IP address or FQDN from the VAMI interface, the operation fails with the error: “Network update failed: Failed to add Managed Service Accounts.”
  
  
  
  
• The following errors are observed in /var/log/vmware/applmgmt/pnid_change.log which indicates that there is a failure to add new DN for service account.

pnid_utils-add_managedsvcacc():404 - ERROR - Failed to add dn cn=vmca/[email protected],cn=Managed Service Accounts,dc=vsphere,dc=local

pnid_utils-add_managedsvcacc():379 - INFO - Adding new DN for service account : cn=ldap/Old-vCenter-FQDN@VSPHERE.LOCAL,cn=Managed Service Accounts,dc=vsphere,dc=local

pnid_utils-add_managedsvcacc():404 - ERROR - Failed to add dn cn=ldap/Old-vCenter-FQDN@VSPHERE.LOCAL,cn=Managed Service Accounts,dc=vsphere,dc=local

The vCenter IP/FQDN change fails due to stale or duplicate LDAP entries for the old vCenter hostname existed in the Managed Service Accounts and configuration in vCenter LDAP (LDIF) database, preventing the creation of new Managed Service Account objects during the PNID change process.

1. Revert the vCenter Server Appliance to the snapshot taken prior to the hostname/IP change.

2. Connect to the vCenter LDAP using JXplorer by following the steps mentioned in: Using JXplorer to connect to the vSphere Single Sign-on

3. Remove all entries related to the old vCenter hostname from: Configuration > Sites > Servers and Managed service accounts:

4. Retry updating the IP/FQDN from the vCenter VAMI by following Update or Change vCenter Server Appliance Hostname/Fully Qualified Domain name (FQDN)/PNID