How To
ForgeRock Identity Platform
Does not apply to Identity Cloud

How do I configure the heartbeat timeout in AM (All versions)?

Last updated May 10, 2022

The purpose of this article is to provide information on configuring the heartbeat timeout in AM. This allows you to tune the heartbeat timeout if you experience issues with heartbeat timeouts.

3 readers recommend this article


Heartbeat timeout is the time spent on AM sending and receiving the heartbeat request and is not pure processing time on DS.

The default heartbeat timeout of 3 seconds is configurable, which is useful if you are experiencing heartbeat timeouts. You will see errors such as the following in your logs if you are experiencing heartbeat timeouts:

  • Session debug log (when debug level is set to Message): Caused by: org.forgerock.opendj.ldap.ConnectionException: Server Connection Closed: Heartbeat timed out after 500 ms
  • IdRepo debug log (when debug level is set to Message): org.forgerock.opendj.ldap.ConnectionException: Server Connection Closed: Heartbeat timed out after 500 ms
  • Web application container log (for example, catalina.out for Apache Tomcat™): WARNING: No heartbeat detected for connection 'LDAPConnection(/,'

If you do see errors such as the above, you should increase the heartbeat timeout; it is recommended that you initially increase it to 10 seconds and then slowly increase it further if you continue to see errors.

Configuring the heartbeat timeout

You can configure the heartbeat timeout using either the console or ssoadm:

  • Console: navigate to: Deployment > Servers > [Server Name] > Advanced and add the org.forgerock.openam.ldap.heartbeat.timeout property and enter the heartbeat timeout in seconds for the value. To add the property as a server default, navigate to: Configure > Server Defaults > Advanced instead. Once you have entered the property and value, click + to add followed by Save Changes.
  • ssoadm: enter the following command: $ ./ssoadm update-server-cfg -s [servername] -u [adminID] -f [passwordfile] -a org.forgerock.openam.ldap.heartbeat.timeout=[seconds] replacing [servername], [adminID], [passwordfile] and [seconds] with appropriate values, where [servername] can be default if you want to change the default server settings instead. For example:
    • AM 7 and later: $ ./ssoadm update-server-cfg -s default -u uid=amAdmin,ou=People,dc=openam,dc=forgerock,dc=org -f pwd.txt -a org.forgerock.openam.ldap.heartbeat.timeout=10
    • Pre-AM 7: $ ./ssoadm update-server-cfg -s default -u amadmin -f pwd.txt -a org.forgerock.openam.ldap.heartbeat.timeout=10

You must restart the web application container in which AM runs to apply these configuration changes. 

See Also

How do I perform a heartbeat check against DS (All versions)?

Related Training


Related Issue Tracker IDs


Copyright and Trademarks Copyright © 2022 ForgeRock, all rights reserved.