Environment
NetIQ Access Manager 3.2
NetIQ Access Manager 4.0
NetIQ Access Manager Access Gateway debug Advanced Options enabled
NetIQ Access Manager 4.0
NetIQ Access Manager Access Gateway debug Advanced Options enabled
Situation
Administrator enabled Access GAteway debug options to troubleshoot an issue with NetIQ technical support. After grabbing the required info, the debug options were removed. Despite updating the server successfully, the debug log files on the Access Gateway continued to grow to the point where file system warnings started to appear as the server was low on disk space.
The problem could be duplicated internally using the following steps:
The problem could be duplicated internally using the following steps:
a) enable the following advanced options for the AG LogLevel info DumpHeaders on DumpResponseHeaders on DumpHeadersFacility local6 DumpResponseHeadersFacility local6 DumpSoapMessages on DumpSoapMessagesFacility local5 b) verify that the soapmessages, httpheaders and error_log file are written with debug level info c) Change the settings to be the following: LogLevel warn #DumpHeaders on #DumpResponseHeaders on #DumpHeadersFacility local6 #DumpResponseHeadersFacility local6 #DumpSoapMessages on #DumpSoapMessagesFacility local5 d) apply the update until AG status is success e) browse to any protected resources on that AG and verify that the httpheaders and soapmessages files are being written to still. The error_log file appears to be writing the correct info and working fine.
Resolution
Apply NAM 4.0 SP1.
Cause
Because of graceful restart change added to Apache in NAM 3.2 SP2, the dump headers flag were not
reset after removing the advanced options. With the NAM 4.0 SP1 change, the code is removed from the
core httpd code and added into mod_novell_ag, which is reset correctly with updates.