000029449 - Axm 6.2 Dispatcher email SMTP alerts does not work in 6.2

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000029449
Applies ToRSA Product Set: ClearTrust
RSA Product/Service Type: Access Manager
RSA Version/Condition: 6.2, 6.1.4 (SP4)
Platform: Linux
Platform (Other): null
O/S Version: Red Hat Enterprise Linux 6.x
Product Name: null
Product Description: null
IssueNo email alerts are being sent out from the dispatcher when the aservers are unreachable or down.
Messages of this type of absent from the dispatcher.log or lserver.log file:
sequence_number=16,remote_client=192.168.206.133,2015-01-19 14:27:28:715 PST,messageID=2000,event_type=Emailed Administrator,event_description=Ping fail limit exceeded,server=AuthServerDetails( Addr = WIN-505ATCFECED, Port = 5615, Exp host = 192.168.206.133, Location Class = _NO_AS_CLASS_, Failure Cnt = 1 )

In the dispatcher.out file in debug mode you can see that initially when the dispatcher server is started the SNMP settings are set, and the initial email alert (if any) from the dispatcher may be sent correctly.




14:01:24:994 [*] [main] - Initializing Email Notification Handler with the following parameters 
14:01:24:994 [*] [main] - SMTP Host = localhost
14:01:24:994 [*] [main] - SMTP Port = 25



However, a few seconds later when the keyserver process is spawned




14:01:25:165 [*] [main] - KeyServer: T-9 minutes & Holding.  Systems check:



The SMTP information shows as null and it indicates that email alerts will not be sent.




14:01:25:165 [*] [main] - Initializing Email Notification Handler with the following parameters 
14:01:25:165 [*] [main] - SMTP Host = null
14:01:25:165 [*] [main] - SMTP Port = -1
14:01:25:165 [*] [main] - Email configuration not set. No notification emails will be sent


CauseThis problem occurs because in6.1.4 (SP4) support for SMTP for the keyserver was added but keyserver.conf file parameters for SNMP were never added. Since the dispatcher and keyserver run in the same process, the (incorrect) settings for the keyserver are used instead of those for the dispatcher.
ResolutionThis issue will be resolved in RSA Access Manger 6.2.2 (SP2).  
WorkaroundAdd the following lines to the keyserver.conf file and set them to the same values as the corresponding dispatcher.conf file settings.   These settings will be used by both the dispatcher and keyserver for SMTP alerts.
 
# The name of the host machine where the SMTP-compatible e-mail server resides.
#
# Allowed Values:
#   A valid hostname.
#
# Default Value:
#   None
#
# Dependencies:
#   When this parameter is set, you must also set the .smtp.port parameter.
#
cleartrust.keyserver.smtp.hostname=localhost

# The SMTP port of the e-mail server specified by .smtp.hostname.
#
# Allowed Values:
#   A valid port number.
#
# Default Value:
#   None
#
# Dependencies:
#   When this parameter is set, you must also set the .smtp.hostname parameter.
#
cleartrust.keyserver.smtp.port=25

# These parameters specify the username and password of the mail account
# on the SMTP e-mail server if it is necessary to log in to the e-mail server
# before mail can be sent.
#
# Allowed Values:
#   A string in the form of a valid username and password for the mail account.
#
# Default Value:
#   None
#
# Example:
#   cleartrust.dispatcher.smtp.account.username=rnixon
#   cleartrust.dispatcher.smtp.account.password=checkers
#
#cleartrust.dispatcher.smtp.account.username=
#cleartrust.dispatcher.smtp.account.password=

# Optional parameter. Specifies the e-mail address from where
# RSA Access Manager will send a message if an Authorization Server fails.
#
# Allowed Values:
#   A string in the form of a valid e-mail address.
#
# Default Value:
#   cleartrust@rsasecurity.com
#
# Note:
#   If the SMTP server filters e-mail based on the contents of the From
#   field, set this parameter to a value that does not cause the message
#   to be filtered out.
#
cleartrust.keyserver.smtp.from_address=administrator@localhost

# Optional parameter. Specifies the e-mail address to which
# RSA Access Manager sends a message to if an Authorization Server fails.
#
# Allowed Values:
#   A valid e-mail address for your RSA Access Manager network
#   administrator.
#
# Default Value:
#   cleartrust@rsasecurity.com
#
cleartrust.keyserver.admin_address=administrator@localhost


 
 

Attachments

    Outcomes