Troubleshooting
Problem
When ISIM sends a mail notification, there are many steps involved in the process with some that have retry attempts and others that are fire and forget. This technote is designed to give more information and help with troubleshooting mail notification related issues.
When ISIM reaches a notification request in a workflow, the workflow does a "fire and forget" and moves forward. By "fire", the workflow sends the notification to the itim_ms queue in WAS. Once on the itim_ms queue, ISIM attempts to make a connection to the SMTP server and if successful, ISIM sends the email notification to the SMTP server. After sending the email notification, the ISIM code waits for a QUIT response from the SMTP server to know that the request was received and processed. When the QUIT response is received, the mail notification is considered complete and the message is removed from the itim_ms queue.
Troubleshooting and Correcting Failure Scenarios:
1.) If a connection cannot be made to the SMTP server, then the message remains in the itim_ms queue and will be retried based off of WAS retry timeouts.
The ISIM trace.log and WAS SystemOut.log should be reviewed in this scenario. It should be clear that a connection cannot be made to the SMTP server. It is best to make sure the SMTP server is active and working properly. If a load balancer is used and the primary SMTP server is down so a failover server is used, there may be an issue with WAS DNS cache where the old location is still used. A restart of WAS will correct this temporarily. However, it is best to add a JVM parameter of -Dnetworkaddress.cache.ttl=300 which will refresh the DNS cache of WAS every 5 minutes.
The ISIM trace.log and WAS SystemOut.log should be reviewed in this scenario. It should be clear that a connection cannot be made to the SMTP server. It is best to make sure the SMTP server is active and working properly. If a load balancer is used and the primary SMTP server is down so a failover server is used, there may be an issue with WAS DNS cache where the old location is still used. A restart of WAS will correct this temporarily. However, it is best to add a JVM parameter of -Dnetworkaddress.cache.ttl=300 which will refresh the DNS cache of WAS every 5 minutes.
2.) If an SMTP server is not sending back a QUIT response, it is best to start troubleshooting at the SMTP server side. From an ISIM perspective, there are a number of things that can be done to allow mail notifications to continue, however they all have the potential negative side effect of an email notification not being sent and having no indication that there was a failure.
In the enRoleMail.properties the following can be set:
mail.smtp.quitwait=false - This will have the ISIM code not wait for the QUIT response, but rather once the email message is sent to the SMTP server, the message is removed from the itim_ms queue.
mail.smtp.timeout - Socket I/O timeout value in milliseconds
mail.smtp.connectiontimeout - Socket connection timeout value in milliseconds
(see the following technote for additional information: https://www.ibm.com/support/pages/node/341275)
(see the following technote for additional information: https://www.ibm.com/support/pages/node/341275)
Document Location
Worldwide
[{"Line of Business":{"code":"LOB77","label":"Automation Platform"},"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SSRMWJ","label":"IBM Security Identity Manager"},"ARM Category":[{"code":"a8m0z0000001hhkAAA","label":"Identity Manager-\u003EMail"}],"ARM Case Number":"","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Version(s)"}]
Log InLog in to view more of this document
This document has the abstract of a technical article that is available to authorized users once you have logged on. Please use Log in button above to access the full document. After log in, if you do not have the right authorization for this document, there will be instructions on what to do next.
Was this topic helpful?
Document Information
Modified date:
08 December 2020
UID
ibm16377664