Topic
This article applies to BIG-IP 12.x – 13.x. For information about other versions, refer to the following article:
When the BIG-IP system is licensed with BIG-IP APM, a separate set of processes is initiated in addition to the standard set of BIG-IP processes. The following table lists the core BIG-IP APM services, and indicates the impact to the BIG-IP APM system operation if the service is not running:
| Daemon | Description | Impact if not running | Relevant log files |
|---|---|---|---|
| acctd | Handles RADIUS accounting messages. Note: Removed in version 13.1.0 and replaced with a native Traffic Management Microkernel (TMM) implementation. | RADIUS accounting messages are not sent to external RADIUS servers | /var/log/apm |
| aced | The aced process provides RSA SecurID authentication functionality for BIG-IP APM’s access policy engine. | RSA SecurID authentication fails | /var/log/apm |
| apmd | The apmd process executes access policy for a user session; this includes Authentication, Authorization, hosting Accounting, and Audit. It also provides an MPI interface, as well as support for access control protocol. | No access policy enforcement for user session or any MPI-reliant processes, such as rewrite and websso | /var/log/apm |
| antserver | The antserver process allows Secure Web Gateway (SWG) to dynamically filter web content. | No dynamic web content filtering | /var/log/apm |
| dnscached | The dnscached process provides DNS cache functionality to BIG-IP APM subsystems. | BIG-IP APM DNS performance is impaired | /var/log/apm |
| eam | The eam process provides external access management for 3rd party identity integration, such as Oracle Access Manager (OAM) single sign-on (SSO). | OAM SSO authentication fails | /var/log/apm |
| eca | The eca process provides the client-side NT Lan Manager (NTLM) authentication mechanism. | BIG-IP APM is unable to authenticate using NTLM | /var/log/apm |
| httpd_sam | Used to serve BIG-IP-generated user-facing HTML pages, such as Login pages, to connected users. | No user display when connecting to APM. | /var/log/httpd/access_log |
| localdbmgr | Maintains entries in the LocalDB, where states of static and dynamic users are stored. | ‘User not found’ errors when connecting. | /var/log/apm |
| mdmsyncmgr | The mdmsyncmgr process fetch MDM-managed endpoint list from MDM servers and stores it in local MySQL database. | BIG-IP APM is unable to fetch MDM-managed endpoint list. | /var/log/apm |
| nlad | The nlad process establishes communication channels to the Domain Controller (DC) for NTLM authentication. | No NTLM communication to backend DC | /var/log/apm |
| oauth | The Oauthis a plug-in providing OAuth Authorization Server functionality for the BIG-IP APM system. Note: This daemon was introduced in 13.x. | No NTLM communication to backend DC | /var/log/apm |
| omapd | The omapd process provides the IF-MAP server implementation for SWG and AFM user identification. | No user identification for SWG | /var/log/omapd |
| ping_access_agent | The Ping_Access_Agent provides integration functionality with Ping Identity for the BIG-IP APM system. Note:This daemon was introduced in 13.x. | PingIdentity authentication fail | /var/log/omapd |
| rba | The rba process provides support for client-side Kerberos authentication. | No Kerberos authentication | /var/log/apm |
| rewrite | The rewrite process rewrites links in web content for Portal Access. | Portal Access web links are not rewritten | /var/log/rewrite |
| samlidpd | The samlidpd process interacts with the mcpd process to automate SAML IdP connector creation. | SAML IdP connector creation fails | /var/log/saml_automation.log |
| urldb | The urldb process categorizes incoming URLs for SWG. | No SWG URL categorization | /var/log/apm, /var/log/urldb-trace.log |
| urldbmgrd | The urldbmgrd process downloads and indexes the URL categorization database for use by the urldb process. | URL categorization for SWG is impaired | /var/log/apm, /var/log/urldbmgr-trace.log |
| vdi | The vdi process handles communication for XML-based clients and back-end systems such as Citrix and VMware View. | Citrix integration and RDP access fails | /var/log/apm |
| websso | The websso process provides Single Sign-On (SSO) functionality for the BIG-IP APM system. | SSO fails | /var/log/apm |
Recommendations
You can manage BIG-IP APM processes using the TMOS Shell (tmsh) or the bigstart utility.
Starting and stopping BIG-IP APM processes using the tmsh utility
-
- Log in to the tmsh utility by typing the following command:tmsh
- To stop, start, or restart a BIG-IP APM process, use the following syntax:<bigstart action> <process>In this command syntax, note the following:
- <action> is the action to be performed, such as stop, start, or restart
- <process> is the name of the BIG-IP APM process
For example, to restart the eam process, type the following command:
restart /sys service eam
Starting and stopping BIG-IP APM processes using the bigstart utility
- Log in to the BIG-IP APM command line.
- To stop, start, or restart a BIG-IP APM process, use the following syntax:
- <action> is the action to be performed, such as stop, start, restart, or status.
- <process> is the name of the BIG-IP APM process.
For example, to view the status of the websso process, type the following command:
bigstart status websso
For information about using the bigstart utility, see the bigstart man page.
