FIM R2 Password Reset Portal User asserted identity not in FIM Service

  • Question

  • Hi,

    I installed FIM R2 with Password Reset Portal using the following installation guide:

    http://www.microsoft.com/en-us/download/details.aspx?id=29959

    Everything went fine during installation, but when I try to log in to the password reset portal using a user, I get an error 3001 presented to the user and the following is logged in the event log:

    User asserted identity not in FIM Service

    An unauthenticated user requested to reset the password for a user who is not in the FIM Service.

    The user's identity was: [DOMAIN]\[USER]

    The user's IP address was: [IP]

    Possible causes include: (1) the asserted Active Directory identity has not been synchronized to the FIM Service;

    (2) user error inputting their identity, or

    (3) malicious user attempting to enumerate valid identities and/or reset password for other users.

    I'm sure that:

    • the user is available in FIM, with domain, SID, account name (I can log into the FIM portal with the user)
    • the user is active in Active Directory
    • the user's username is typed in correctly (I tried both with and without domain)



    Wednesday, August 1, 2012 3:46 PM

Answers

  • Matthias,
    I have seen this error before too. You should make sure that the user is registered in the registration portal before attempting to perform a reset.

    The user attribute 'AuthN Workflow Registered' should contain a reference to the actual workflow:



    Best regards,
    Pieter.

    Pieter de Loos - Consultant at Traxion (http://www.traxion.com) http://fimfacts.wordpress.com/

    Thursday, August 2, 2012 12:12 PM
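
One way to check both conditions from PowerShell, as an added example that is not part of the original thread: it queries the FIM Service for the Person resource and lists the workflows referenced in 'AuthN Workflow Registered' (system name AuthNWFRegistered). The account name, domain and service URI are placeholder assumptions, and the helper function name is hypothetical.

```powershell
# Added example: check that a user exists in the FIM Service and is registered
# for password reset. Run on a host that has the FIMAutomation snap-in.
# Assumptions: 'jdoe' / 'CONTOSO' are placeholders; the URI is the default local endpoint.
param(
    [string]$AccountName = 'jdoe',
    [string]$Domain      = 'CONTOSO',
    [string]$Uri         = 'http://localhost:5725/ResourceManagementService'
)

Add-PSSnapin FIMAutomation -ErrorAction Stop

# Hypothetical helper: return all values of one attribute on an exported resource.
function Get-FimAttributeValues($Resource, [string]$Name) {
    $attr = $Resource.ResourceManagementObject.ResourceManagementAttributes |
        Where-Object { $_.AttributeName -eq $Name }
    if (-not $attr) { return @() }
    if ($attr.IsMultiValue) { return @($attr.Values) }
    return @($attr.Value)
}

# The reset portal resolves the asserted identity against Person resources,
# so look the user up by the same AccountName and Domain pair.
$filter = "/Person[AccountName='$AccountName' and Domain='$Domain']"
$people = @(Export-FIMConfig -Uri $Uri -OnlyBaseResources -CustomConfig $filter)

if ($people.Count -eq 0) {
    Write-Warning "No Person resource matches $Domain\$AccountName in the FIM Service."
    return
}

foreach ($person in $people) {
    $sid        = @(Get-FimAttributeValues $person 'ObjectSID')
    $registered = @(Get-FimAttributeValues $person 'AuthNWFRegistered')

    New-Object PSObject -Property @{
        Account       = "$Domain\$AccountName"
        HasObjectSID  = ($sid.Count -gt 0)
        IsRegistered  = ($registered.Count -gt 0)
        # Each entry is a reference to a workflow the user has registered for.
        RegisteredFor = ($registered -join '; ')
    }
}
```

An empty RegisteredFor column means the user exists in the FIM Service but has not completed registration in the registration portal.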

All replies