Environment
NetIQ Access Manager 3.2
NetIQ Access Manager 3.2 Support Pack 1 applied
NetIQ Access Manager 3.2 Admin Console on Windows 2008 Server
Situation
Windows Admin Console installer on Windows is using a silent installer of tomcat, which installs tomcat manager. Unlike the Linux IDP server or Access Gateway, tomcat is not hardened and some of the services that should not be there are indeed there.
Resolution
These files from the /manager folders can be manually deleted without impacting NAM functionality.
Modifying web.xml is also an option to prevent access, but deleting the files is the recommended approach.