Error Message

Error 1920. Service 'Forefront Identity Manager Password Reset Client Service' (FIMPasswordReset) failed to start. Verify that you have sufficient privileges to start system services.


Execute the install up until you receive the error message.

Do a Process Monitor Log capture when attempting to start the Password Reset Service.

Review the Process Monitor Log for "Access Denied" messages

Check for an "Access Denied" message for the machine.config file


Navigated in Windows Explorer for the machine.config file and discovered that the machine.config file had a golden padlock on the icon.


Review the security tab, and check the accounts listed.

IF you see only the Administrators Group, and the System account listed, change the config.

The cause of the issue is the Network Service account needing access to this file.


Simply add the NETWORK SERVICE account to the machine.config files Security and give it Full Control.

  1. Right-click the machine.config file.
  2. Select Properties and then Security.
  3. Click Edit, and then click the Add button.
  4. Click OK and OK again.
  5. Execute the installation.