Tasks Failing at Random in vApp


Article ID: 207695


Updated On:


CA Identity Manager CA Identity Suite


Under a heavier load, the default vApp journal file size may be inadequate.  vApp defaults to 25MB and 2 files.  This KB provides steps on how to set 20 journals of 25MBs. This means about twenty 25mb size journal files will be created at startup. When one file gets full, Jboss uses the next one.

This can cause tasks to run but fail at random times.  It could be different or the same tasks where they work most of the time but sometimes run and sometimes fail. 


Release : 14.2 and 14.3

Component : IdentityMinder(Identity Manager) on Virtual Appliance




You must sudo add-user.sh and create a new management console user.  I create a new "jbossuser".  Create the user needed and password.  Run the commands in bold below.

 [email protected] VAPP-14.3.0:/opt/CA/wildfly-idm/bin >                                            ls
add-user.bat         init.d                        standalone.bat
add-user.properties  jboss-cli.bat                 standalone.conf
add-user.sh          jboss-cli-logging.properties  standalone.conf.bat
appclient.bat        jboss-cli.sh                  standalone.conf.NOT_IN_USE
appclient.conf       jboss-cli.xml                 standalone.sh

appclient.conf.bat   jconsole.bat                  vault.bat
appclient.sh         jconsole.sh                   vault.sh
client               jdr.bat                       wsconsume.bat
domain.bat           jdr.sh                        wsconsume.sh
domain.conf          run.bat                       wsprovide.bat
domain.conf.bat      run.sh                        wsprovide.sh
domain.sh            service
[email protected] VAPP-14.3.0:/opt/CA/wildfly-idm/bin >                                           

[email protected] VAPP-14.3.0:/opt/CA/wildfly-idm/bin > sudo ./add-user.sh

What type of user do you wish to add?
 a) Management User (mgmt-users.properties)
 b) Application User (application-users.properties)

Enter the details of the new user to add.
Using realm 'ManagementRealm' as discovered from the existing property files.
Username : jbossuser
Password recommendations are listed below. To modify these restrictions edit the add-user.properties configuration file.
 - The password should not be one of the following restricted values {root, admin, administrator}
 - The password should contain at least 8 characters, 1 alphabetic character(s), 1 digit(s), 1 non-alphanumeric symbol(s)
 - The password should be different from the username
Password :
JBAS015266: Password must have at least 1 digit.
Are you sure you want to use the password entered yes/no? y
Re-enter Password :
What groups do you want this user to belong to? (Please enter a comma separated list, or leave blank for none)[  ]:
About to add user 'jbossuser' for realm 'ManagementRealm'
Is this correct yes/no? y
Added user 'jbossuser' to file '/opt/CA/wildfly-idm/standalone/configuration/mgmt-users.properties'
Added user 'jbossuser' to file '/opt/CA/wildfly-idm/domain/configuration/mgmt-users.properties'
Added user 'jbossuser' with groups  to file '/opt/CA/wildfly-idm/standalone/configuration/mgmt-groups.properties'
Added user 'jbossuser' with groups  to file '/opt/CA/wildfly-idm/domain/configuration/mgmt-groups.properties'

Is this new user going to be used for one AS process to connect to another AS process?
e.g. for a slave host controller connecting to the master or for a Remoting connection for server to server EJB calls.
yes/no? n
[email protected] VAPP-14.3.0: /opt/CA/wildfly-idm/bin >
[email protected] VAPP-14.3.0:/opt/CA/wildfly-idm/bin >
[email protected] VAPP-14.3.0:/opt/CA/wildfly-idm/bin > ./jboss-cli.sh
You are disconnected at the moment. Type 'connect' to connect to the server or 'help' for the list of supported commands.
[disconnected /] connect
Authenticating against security realm: ManagementRealm
Username: jbossuser

[[email protected]:9990 /] /subsystem=messaging/hornetq-server=default/:read-attribute(name=journal-min-files)
    "outcome" => "success",
    "result" => 2
[[email protected]:9990 /] /subsystem=messaging/hornetq-server=default/: write-attribute(name=journal-min-files,value=20)
    "outcome" => "success",
    "response-headers" => {
        "operation-requires-reload" => true,
        "process-state" => "reload-required"
[[email protected]:9990 /] reload
[[email protected]:9990 /]  /subsystem=messaging/hornetq-server=default/:read-attribute(name=journal-min-files)
    "outcome" => "success",
    "result" => 20


In the last 4 commands you will see we run "/subsystem=messaging/hornetq-server=default/:read-attribute(name=journal-min-files)".  This result with 2.  We then run "/subsystem=messaging/hornetq-server=default/: write-attribute(name=journal-min-files,value=20).  This writes the value to 20Run a reload.   The last command we read the attribute again "/subsystem=messaging/hornetq-server=default/:read-attribute(name=journal-min-files)" where it now returns 20 confirming the change was made. 

If a cluster, this should be done on all nodes.  This should also be done on any backup servers.