VSAN tabs missing in vSphere Client due to proxy authentication failure
search cancel

VSAN tabs missing in vSphere Client due to proxy authentication failure

book

Article ID: 430753

calendar_today

Updated On:

Products

VMware vCenter Server

Issue/Introduction

  • Post vCenter upgrade the VSAN tab is missing.
  • vCenter is missing views on all clusters related to vSAN monitoring as well as the tab for cloud native storage.

In /var/log/vmware/vsphere-ui/logs/vsphere_client_virgo.log you find the following error message:

[ERROR] p-nio--xx-exec-xx  com.vmware.vise.mvc.controllers.PluginServiceController           A general error occurred while evaluating plugin (com.vmware.vsan.client:8.0.203.10000:1563040855) dynamic extensions info from the vSphere Client platform. com.vmware.vcenter.apigw.security.AuthenticationException: Failed to log into [uri=http://xxxxx:8201/api, sessionMgr=SessionManagerInfo [_sessionMgrSvcId=com.vmware.cis.session, _loginOpId=create, _logoutOpId=delete], ssoDomain=vsphere.local]: com.vmware.vapi.std.errors.unauthenticated => {data=<unset>, error_type=UNAUTHENTICATED, messages=[com.vmware.vapi.std.localizable_message => {args=[], default_message=Unable to authenticate user, localized=<unset>, id=vapi.security.authentication.invalid, params=<unset>}]}
        at java.lang.Thread.getStackTrace(Thread.java:1564)

applmgmt.log:

authentication.authentication_sso:Downloading trusted certs from url : https://<vc-fqdn>/idm/tenant/vsphere.local/certificates?scope=TENANT
XXXX-XX-XXTXX:XX:XX PM CET [3353761]ERROR:vmware.appliance.extensions.authentication.authentication_sso:urlopen() failed with exception <urlopen error Remote end closed connection without response>
XXXX-XX-XXTXX:XX:XX PM CET [3353761]DEBUG:vmware.appliance.extensions.authentication.authentication_sso:Downloading trusted certs from url : https://<vc-fqdn>/idm/tenant/vsphere.local/certificates?scope=TENANT
XXXX-XX-XXTXX:XX:XX PM CET [3353761]ERROR:vmware.appliance.extensions.authentication.authentication_sso:Unhandled exception during SAML token validation
Traceback (most recent call last):

Environment

vCenter Server 8.0.3

Cause

This issue is observed in environments with Proxy configured on vCenter Server Appliance and the connection to authenticate user fails while going through proxy.

Resolution

  • Connect to the VAMI Page of vCenter Server Appliance (https://vcsa_fqdn:5480)
  • Remove the Proxy Configuration or add the vCenter FQDN and ip to exclusion list, refer to Configure the proxy to navigate to the Proxy Configuration Page.
  • Reboot the vCenter Server Appliance

Powered by Wolken Software