Environment
NetIQ Access Manager 3.2
NetIQ Access Manager 3.2 IR1 applied
NetIQ Access Manager 3.2 Admin Console
NetIQ Access Manager 3.2 Access Gateway
NetIQ Access Manager 3.2 IR1 applied
NetIQ Access Manager 3.2 Admin Console
NetIQ Access Manager 3.2 Access Gateway
Situation
After applying multiple changes to a working Access Gateway, the state of the server would always remain in the pending state after the change was applied. After every such event, it was required that the Admin delete the pending command to get the status back to succeeded state.
Resolution
Remove the 'ErrorLog' Advanced Options setting and reapply the change. Once done, we added it back in again and all worked fine.
The reason we came to the conclusion that it was releated to the ErrorLog parameter was based on the output of the JCC logs. The JCC log file on the AG included the following snippet referencing an error:
<exServiceHealth exHealthStatus="Failed" exServiceName="AGM - Configuration"><exDescription
exHealthStatus="Failed">Pending configuration file found 1348669824185-config.xml<exAction>Check AGM log files for
potential processing problems.</exAction></exDescription></exServiceHealth><exServiceHealth exHealthStatus="Passed"
exServiceName="TCP Listener 127.0.0.1:8181"><exDescription exHealthStatus="Passed">Operating properly
Responsive listener on 127.0.0.1:8181</exDescription></exServiceHealth><exServiceHealth exHealthStatus="Passed"
exServiceName="TCP Listener 172.29.240.170:443"><exDescription exHealthStatus="Passed">Operating properly
Responsive listener on 172.29.240.170:443</exDescription></exServiceHealth><exServiceHealth exHealthStatus="Passed"
exServiceName="TCP Listener 172.29.240.170:80"><exDescription exHealthStatus="Passed">Operating properly
Responsive listener on 172.29.240.170:80</exDescription></exServiceHealth><exServiceHealth exHealthStatus="Passed"
exServiceName="TCP Listener 172.29.240.146:443"><exDescription exHealthStatus="Passed">Operating properly
Responsive listener on 172.29.240.146:443</exDescription></exServiceHealth><exServiceHealth exHealthStatus="Passed"
exServiceName="TCP Listener 172.29.240.146:80"><exDescription exHealthStatus="Passed">Operating properly
Responsive listener on 172.29.240.146:80</exDescription></exServiceHealth><exServiceHealth exHealthStatus="Warning"
exServiceName="Access Gateway startup log"><exDescription exHealthStatus="Warning">The last part of file:
rcnovell-apache2.out.pending contains errors. (21)Is a directory: httpd: could not open error log file
/var/log/laglogs/.<br>Unable to open logs<br><br>novell-apache2 script has thrown error message : Syntax OK<br>Shutting
down Novell Gateway Service(waiting for children to exit) ..done<br>Starting Novell Gateway
Service.....failed<br><br>see /var/log/novell-apache2/rcnovell-apache2.out for
details<br><exAction/></exDescription></exServiceHealth></exHealth>
Looking at the pending config.xml file referenced in this error ( /opt/novell/nam/mag/webapps/agm/WEB-INF/config/pending/ direcory on AG), the only snippet of the configuration referencing the problem laglogs string from above was the following section containing the Advanced Options.
<ConfigurationOption ConfigurationOption="#NAGGlobalOptions FlushUserCache=on
#NAGGlobalOptions noURLNormalize=on
#NAGGlobalOptions ForceUTF=on
#NAGGlobalOptions DebugHeaders=on
#IgnoreDNSServerHealth on
#ProxyErrorOverride On
NAGLAGCompatiability on
NAGGlobalOptions NAGDisableExternalRewrite=on
NAGGlobalOptions ESP_Busy_Threshold=5000
NAGGlobalOptions DebugHeaders=on
ErrorLog /var/log/laglogs/" Enable="1" LastModified="1347982232901" LastModifiedBy="cn=jojo,o=novell" />
</AdditionalConfiguration>
We removed this parameter initially to make sure all worked fine. Once we confirmed this, we added the entry again making sure that there were no additional carriage return/line feeds in the setup and all continued to work fine.
The reason we came to the conclusion that it was releated to the ErrorLog parameter was based on the output of the JCC logs. The JCC log file on the AG included the following snippet referencing an error:
<exServiceHealth exHealthStatus="Failed" exServiceName="AGM - Configuration"><exDescription
exHealthStatus="Failed">Pending configuration file found 1348669824185-config.xml<exAction>Check AGM log files for
potential processing problems.</exAction></exDescription></exServiceHealth><exServiceHealth exHealthStatus="Passed"
exServiceName="TCP Listener 127.0.0.1:8181"><exDescription exHealthStatus="Passed">Operating properly
Responsive listener on 127.0.0.1:8181</exDescription></exServiceHealth><exServiceHealth exHealthStatus="Passed"
exServiceName="TCP Listener 172.29.240.170:443"><exDescription exHealthStatus="Passed">Operating properly
Responsive listener on 172.29.240.170:443</exDescription></exServiceHealth><exServiceHealth exHealthStatus="Passed"
exServiceName="TCP Listener 172.29.240.170:80"><exDescription exHealthStatus="Passed">Operating properly
Responsive listener on 172.29.240.170:80</exDescription></exServiceHealth><exServiceHealth exHealthStatus="Passed"
exServiceName="TCP Listener 172.29.240.146:443"><exDescription exHealthStatus="Passed">Operating properly
Responsive listener on 172.29.240.146:443</exDescription></exServiceHealth><exServiceHealth exHealthStatus="Passed"
exServiceName="TCP Listener 172.29.240.146:80"><exDescription exHealthStatus="Passed">Operating properly
Responsive listener on 172.29.240.146:80</exDescription></exServiceHealth><exServiceHealth exHealthStatus="Warning"
exServiceName="Access Gateway startup log"><exDescription exHealthStatus="Warning">The last part of file:
rcnovell-apache2.out.pending contains errors. (21)Is a directory: httpd: could not open error log file
/var/log/laglogs/.<br>Unable to open logs<br><br>novell-apache2 script has thrown error message : Syntax OK<br>Shutting
down Novell Gateway Service(waiting for children to exit) ..done<br>Starting Novell Gateway
Service.....failed<br><br>see /var/log/novell-apache2/rcnovell-apache2.out for
details<br><exAction/></exDescription></exServiceHealth></exHealth>
Looking at the pending config.xml file referenced in this error ( /opt/novell/nam/mag/webapps/agm/WEB-INF/config/pending/ direcory on AG), the only snippet of the configuration referencing the problem laglogs string from above was the following section containing the Advanced Options.
<ConfigurationOption ConfigurationOption="#NAGGlobalOptions FlushUserCache=on
#NAGGlobalOptions noURLNormalize=on
#NAGGlobalOptions ForceUTF=on
#NAGGlobalOptions DebugHeaders=on
#IgnoreDNSServerHealth on
#ProxyErrorOverride On
NAGLAGCompatiability on
NAGGlobalOptions NAGDisableExternalRewrite=on
NAGGlobalOptions ESP_Busy_Threshold=5000
NAGGlobalOptions DebugHeaders=on
ErrorLog /var/log/laglogs/" Enable="1" LastModified="1347982232901" LastModifiedBy="cn=jojo,o=novell" />
</AdditionalConfiguration>
We removed this parameter initially to make sure all worked fine. Once we confirmed this, we added the entry again making sure that there were no additional carriage return/line feeds in the setup and all continued to work fine.