Matthias, I have seen this error before too. You should make sure that the user is registered in the registration portal before attempting to perform a reset. The user attribute 'AuthN Workflow Registered' should contain a reference to the actual workflow: Best regards, Pieter.Pieter de Loos - Consultant at Traxion (http://www.traxion.com) http://fimfacts.wordpress.com/

I expect that I had something else wrong, but don't know how I solved that. But in my understanding it was not needed for a user to register when Email OTP is used.

Matthias, I have seen this error before too. You should make sure that the user is registered in the registration portal before attempting to perform a reset. The user attribute 'AuthN Workflow Registered' should contain a reference to the actual workflow: Best regards, Pieter.Pieter de Loos - Consultant at Traxion (http://www.traxion.com) http://fimfacts.wordpress.com/

I expect that I had something else wrong, but don't know how I solved that. But in my understanding it is not needed for a user to register when Email OTP is used.

Hi, I installed FIM R2 with Password Reset Portal using the following installation guide: http://www.microsoft.com/en-us/download/details.aspx?id=29959 Everything went fine during installation, but when I try to login into the password reset portal using a user I get an error 3001 presented to the user and the following is logged into the event log: User asserted identity not in FIM ServiceAn unauthenticated user requested to reset the password for a user who is not in the FIM Service.The user's identity was: [DOMAIN]\[USER]The user's IP address was: [IP]Possible causes include: (1) the asserted Active Directory identity has not been synchronized to the FIM Service; (2) user error inputting their identity, or (3) malicious user attempting to enumerate valid identities and/or reset password for other users. I'm sure that: the user is available in FIM, with domain, SID, account name (i can log into the FIM portal with the user)the user is active in Active Directorythe user his username is typed in correctly (I both tried with and without domain) <o:p></o:p>

I have seen this error, but only when trying to reset the password on an account that does exist in an AD connectorspace, but is different from what the FIMService database knows about (different domain name or account name). This is a pretty good place to start troubleshooting: http://msdn.microsoft.com/en-us/library/windows/desktop/ms696030.aspx Next, you may want to enable FIM Service tracing: http://social.technet.microsoft.com/wiki/contents/articles/10225.how-to-enable-fim-service-tracing.aspx