status 300101037, User Store page not accessible and unresponsive Identity Server due to a virus in the Microsoft network

  • 7009502
  • 14-Jun-2012
  • 14-Jun-2012

Environment

Novell Access Manager 3

Situation

A customer has reported that the Identity Server might be affected when a Microsoft Active Directory server configured and used as a User Store is under a Denial of Service (DoS) attack from a virus or worm in the network.

The Identity Server might not respond properly, the User Store configuration page in the Admin Console is not accessible, and many of the following messages are shown in the catalina.out of the Identity Server:

<amLogEntry> 2012-06-04T20:09:07Z WARNING NIDS Application: Exception: NIDPLOGGING.300101037 </amLogEntry>

Resolution

A customer reported this issue specifically as a result of an infection by the worm "worm.kido" in the Microsoft network. This worm exploits a Microsoft security vulnerability and compromises the attacked machine, which becomes very slow and unable to process all incoming requests.
Please see Microsoft Security Bulletin MS08-067 for further information on removing this infection.

This condition might also occur in general when a User Store server is extremely overloaded, or when other viruses or worms cause a bottleneck of any other kind.
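
The following is an added example, not part of the original document or of Novell's tooling: a small Python check that counts the warning shown above per minute in catalina.out lines, so a burst of them can be spotted early. It assumes each amLogEntry sits on one line as in the excerpt; the threshold of 3 per minute and the sample lines other than the quoted one are constructed.

```python
import re
from collections import Counter
from datetime import datetime

# Entry wrapper as shown in the catalina.out excerpt above; assumes one entry per line.
ENTRY_RE = re.compile(
    r"<amLogEntry>\s*(\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2})Z\s+(\w+)\s+(.*?)\s*</amLogEntry>"
)
# Status code from this document; (?!\d) avoids matching a longer numeric code.
STATUS_RE = re.compile(r"NIDPLOGGING\.300101037(?!\d)")


def count_per_minute(lines):
    """Count WARNING entries carrying the status code, bucketed by UTC minute."""
    buckets = Counter()
    for line in lines:
        m = ENTRY_RE.search(line)
        if not m or m.group(2) != "WARNING" or not STATUS_RE.search(m.group(3)):
            continue
        ts = datetime.strptime(m.group(1), "%Y-%m-%dT%H:%M:%S")
        buckets[ts.replace(second=0)] += 1
    return buckets


def find_bursts(lines, threshold=3):
    """Return sorted (minute, count) pairs with count >= threshold (assumed value)."""
    return sorted((t, n) for t, n in count_per_minute(lines).items() if n >= threshold)


# Constructed sample: the first line is the entry quoted above, the rest are made up.
SAMPLE = [
    "<amLogEntry> 2012-06-04T20:09:07Z WARNING NIDS Application: Exception: NIDPLOGGING.300101037 </amLogEntry>",
    "<amLogEntry> 2012-06-04T20:09:15Z WARNING NIDS Application: Exception: NIDPLOGGING.300101037 </amLogEntry>",
    "<amLogEntry> 2012-06-04T20:09:20Z INFO NIDS Application: constructed unrelated entry </amLogEntry>",
    "<amLogEntry> 2012-06-04T20:09:40Z WARNING NIDS Application: Exception: NIDPLOGGING.300101037 </amLogEntry>",
    "plain Tomcat output line without an amLogEntry wrapper",
    "<amLogEntry> 2012-06-04T20:10:02Z WARNING NIDS Application: Exception: NIDPLOGGING.300101037 </amLogEntry>",
]

if __name__ == "__main__":
    for minute, n in find_bursts(SAMPLE):
        print(f"{minute:%Y-%m-%d %H:%M}Z  {n} x NIDPLOGGING.300101037")
```

To run it against a live log, pass an open file handle for catalina.out to find_bursts in place of SAMPLE and tune the threshold to the normal rate seen on that Identity Server.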