Sign in
 
HomeLibraryWikiLearnGalleryDownloadsSupportForumsBlogs
Resources for IT Professionals >
FIM 2010 R2 Self-Service password reset not working

Answered FIM 2010 R2 Self-Service password reset not working

  • Sunday, September 30, 2012 2:37 PM
     
     
    Sign In to Vote
    0

    Hi everybody,

    I am preparing a demo for FIM 2010 R2 in a test lab all roles on the same server.

    when i try to test the password reset i enter a username as follows: domain\username and click next it gives me the following error:

    Communication Error

    <center>
                                                        ...                                               
    </center>
          An error has occurred. Please try again, and if the problem persists, contact your help desk or system administrator. (Error 3008)  

          Go to      Self-Service Password Reset      home page

    while in App Log:

    FIM Password Reset Portal failure to connect to FIM Service

    The FIM Password Reset Portal failed to connect to the FIM Service.

    Ensure that (1) the FIM Service is running, (2) the FIM Service server address is correct in the web.config file on the FIM Password Reset Portal, and (3) that network connectivity is available between the FIM Password Reset Portal and the FIM Service over the designated port.

    Details:

    System.ServiceModel.Security.SecurityNegotiationException: The caller was not authenticated by the service. ---> System.ServiceModel.FaultException: The request for security token could not be satisfied because authentication failed.

       at System.ServiceModel.Security.SecurityUtils.ThrowIfNegotiationFault(Message message, EndpointAddress target)

       at System.ServiceModel.Security.IssuanceTokenProviderBase`1.ThrowIfFault(Message message, EndpointAddress target)

       at System.ServiceModel.Security.SspiNegotiationTokenProvider.GetNextOutgoingMessageBody(Message incomingMessage, SspiNegotiationTokenProviderState sspiState)

       --- End of inner exception stack trace ---

    Server stack trace:

       at System.ServiceModel.Security.IssuanceTokenProviderBase`1.DoNegotiation(TimeSpan timeout)

       at System.ServiceModel.Security.SspiNegotiationTokenProvider.OnOpen(TimeSpan timeout)

       at System.ServiceModel.Security.WrapperSecurityCommunicationObject.OnOpen(TimeSpan timeout)

       at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)

       at System.ServiceModel.Security.SecurityUtils.OpenCommunicationObject(ICommunicationObject obj, TimeSpan timeout)

       at System.ServiceModel.Security.SymmetricSecurityProtocol.OnOpen(TimeSpan timeout)

       at System.ServiceModel.Security.WrapperSecurityCommunicationObject.OnOpen(TimeSpan timeout)

       at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)

       at System.ServiceModel.Channels.SecurityChannelFactory`1.ClientSecurityChannel`1.OnOpen(TimeSpan timeout)

       at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)

       at System.ServiceModel.Channels.LayeredChannel`1.OnOpen(TimeSpan timeout)

       at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)

       at System.ServiceModel.Channels.ServiceChannel.OnOpen(TimeSpan timeout)

       at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)

       at System.ServiceModel.Channels.ServiceChannel.CallOnceManager.CallOnce(TimeSpan timeout, CallOnceManager cascade)

       at System.ServiceModel.Channels.ServiceChannel.EnsureOpened(TimeSpan timeout)

       at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)

       at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)

       at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)

    Exception rethrown at [0]:

       at Microsoft.ResourceManagement.WebServices.Client.UninitializedResource.PerformUpdate()

       at Microsoft.ResourceManagement.WebServices.Client.UninitializedResource.Update()

       at Microsoft.IdentityManagement.CredentialManagement.Portal.Common.ResetProxy.GetChallenge(String domain, String userName, ChallengeContext gateChallengeResponse)

       at Microsoft.IdentityManagement.CredentialManagement.Portal.Common.ResetProxy.GetNextChallenge(String domain, String userName, ChallengeContext gateChallengeResponse, FaultExceptionHandlerDelegate faultExceptionHandler)

    any ideas?

    Thanks

    Rateb

     

All Replies

  • Sunday, September 30, 2012 3:17 PM
     
     
    Sign In to Vote
    0

    in the system log I have the following error:

    The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID

    {61738644-F196-11D0-9953-00C04FD919C1}

    and APPID

    {61738644-F196-11D0-9953-00C04FD919C1}

    to the user NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.

     
  • Sunday, September 30, 2012 8:29 PM
     
     Answered
    Sign In to Vote
    0
    the COM error is not related afaik. I believe u have problem with ur kerberos setting which i am not an expert

    The FIM Password Reset Blog http://blogs.technet.com/aho/