Summary:

If IIS has a problem with isapi_redirect.dll filter, we may need to look at the isapi_redirect.log in order to investigate the problem.

In file C:\Program Files\CA\DSM\Web Console\jakarta\isapi_redirect.properties the log file is configured at following path:

log_file=C:\Program Files\CA\DSM\Web Console\logs\isapi_redirect.log

However, the isapi_redirect.log file is not present in this path.

Solution:

A process w3wp.exe (IIS Worker Process) starting under the "Network Service" account loads the file C:\Program Files\CA\DSM\Web Console\jakarta\isapi_redirect.dll.

This process should also write in the file C:\Program Files\CA\DSM\Web Console\logs\isapi_redirect.log

By default the NTFS security rights on C:\Program Files\CA\DSM\Web Console\logs allows only Read access to the group "Users".

<Please see attached file for image>

The user "Network Service" belongs to group "Authenticated Users" which belongs to the group Users.

As w3wp.exe is started with "Network Service", it has no write rights on the directory C:\Program Files\CA\DSM\Web Console\logs.

Therefore, the file C:\Program Files\CA\DSM\Web Console\logs\isapi_redirect.log is not created.

• Add NTFS Modify rights on group "Users" for directory "C:\Program Files\CA\DSM\Web Console\logs" Or add the user "NETWORK SERVICE" with NTFS Modify rights on the directory "C:\Program Files\CA\DSM\Web Console\logs".
  
  

  <Please see attached file for image>

  
  
  
• Restart IIS & tomcat:

  iisreset
  caf stop tomcat
  caf start tomcat

The file C:\Program Files\CA\DSM\Web Console\logs\isapi_redirect.log should now be created.

• In order to have more detail in this file we could set the log level to trace:
  
  
  • Edit file C:\Program Files\CA\DSM\Web Console\jakarta\isapi_redirect.properties with notepad
    
    
  • Change value of log_level to trace:

    log_level=trace

    <Please see attached file for image>

    
    
    

  • Recycle IIS & Tomcat.

Release: UASIT.99000-12.5-Asset Intelligence
Component: