Symantec IGA

 View Only
  • 1.  How to Increase the Heap Size on the Server.

    Posted Feb 27, 2024 02:08 PM

    Hi Techies,

    I would like to bring to your attention about the ongoing issue of CA-IDM "Java Out of Memory-HeapSpace/VM Limit Issue" which is majorly affecting the Password Resets of User's in Symantic Identity Manager Application. Necessary troubleshooting has been made by all of us trying to fix the issue which involved increasing the size on Jvms-1024MB, Jvmx-4096MB on connector server's/On Non-Prod, Checking the JAVA_OPTS Environment Variables on Standalone.config.bat, Checking the im_cc.logs. However, the issue seems un-resolved. We see that the RAM size is also 16GB on & Server's and the issue is also on the same.

    Referred the Link:Below article on Java Connector Server (JCS) Java heap space out of memory: 

    Error: Screenshot Below,

    Could someone suggest the exact solution to get the issue resolved?

    Thanks in advance.

  • 2.  RE: How to Increase the Heap Size on the Server.

    Broadcom Employee
    Posted Mar 11, 2024 09:03 AM

    Hi Chandra,

    The OutOfMemoryError in your screenshot is from IM server (JBoss) while you are referencing memory allocation of the JCS.

    Are you observing this error only during a password reset? is it consistent?

    Is there any additional logic used during password reset, which might consume memory?

    If you need further assistance with troubleshooting, please raise a Support ticket so we can assist with some more specific troubleshooting steps



  • 3.  RE: How to Increase the Heap Size on the Server.

    Posted Apr 15, 2024 12:22 PM


    Since you mention this challenge was occurring during password reset, I would suggest looking at the password keyspace for special characters that your solution is not allowing.   The solution is UTF8, and can manage most special characters, but we have seen instances of non-compliant characters used that impacted the JAVA memory.   Resolutions included using PX Rule to remove or prevent use of these special characters when the end user would attempt to enter them.

    When you get Out-of-memory-errors, they can be challenging to debug, so you need to capture all info prior to recreating the OOM.   Hopefully, you can recreate this error at will. 

    You may wish to enable full debug on the IME via <IAM Suite>/IdentityManager/tools/samples/Admin/user_console.war/logging_v2.jsp to trace when and what is actually failing.   Additionally, use a PX rule to monitor the Password Reset Task(s) used and sent all output to the logs to ensure it matches your expectations.


    Alan Baugher