FIM - Password Reset not working

Hi,

I have set up the password reset part and users can register without problem but when i test changing a password it doesnt work, and i receive the below error on the fim server. 

The server encountered an error while attempting to perform a set/change  password operation.
 
 "BAIL: MMS(8040): d:\bt\9394412\private\source\miis\shared\ldaputils\dnutils.cpp(1341): 0x800700b7 (Cannot create a file when that file already exists.)
BAIL: MMS(8040): d:\bt\9394412\private\source\miis\shared\ldaputils\dnutils.cpp(1341): 0x800700b7 (Cannot create a file when that file already exists.)
BAIL: MMS(8040): d:\bt\9394412\private\source\miis\shared\ldaputils\dnutils.cpp(1341): 0x800700b7 (Cannot create a file when that file already exists.)
BAIL: MMS(8040): d:\bt\9394412\private\source\miis\ma\ad\utils.cpp(909): 0x80070002 (The system cannot find the file specified.)
BAIL: MMS(8040): d:\bt\9394412\private\source\miis\ma\ad\utils.cpp(964): 0x80070002 (The system cannot find the file specified.)
BAIL: MMS(8040): d:\bt\9394412\private\source\miis\shared\ldaputils\cimpersonate.cpp(137): 0x80070569 (Logon failure: the user has not been granted the requested logon type at this computer.): Impersonation failed with err 80070569
WARNING: MMS(8040): d:\bt\9394412\private\source\miis\shared\ldaputils\cimpersonate.cpp(84): Controller:Could not release logon token
BAIL: MMS(8040): d:\bt\9394412\private\source\miis\ma\ad\admaexport.cpp(2840): 0x80070569 (Logon failure: the user has not been granted the requested logon type at this computer.)
BAIL: MMS(8040): d:\bt\9394412\private\source\miis\ma\ad\admaexport.cpp(3209): 0x80070569 (Logon failure: the user has not been granted the requested logon type at this computer.)
ERR_: MMS(8040): d:\bt\9394412\private\source\miis\server\server\ma.cpp(8497): ExportPasswordSet failed with 0x80070569
Forefront Identity Manager 4.1.2273.0"

November 8th, 2012 8:59pm

Have also noticed this

An account failed to log on.

Subject:
Security ID: CORP\svc_fimsync
Account Name: svc_fimsync
Account Domain: CORP
Logon ID: 0x12d21d1b

Logon Type: 8

Account For Which Logon Failed:
Security ID: NULL SID
Account Name: svc_fimservice
Account Domain: CORP

Failure Information:
Failure Reason: The user has not been granted the requested logon type at this machine.
Status: 0xc000015b
Sub Status: 0x0

Process Information:
Caller Process ID: 0x2330
Caller Process Name: C:\Program Files\Microsoft Forefront Identity Manager\2010\Synchronization Service\Bin\miiserver.exe

Network Information:
Workstation Name: CORPFIM01
Source Network Address: -
Source Port: -

Detailed Authentication Information:
Logon Process: Advapi  
Authentication Package: Negotiate
Transited Services: -
Package Name (NTLM only): -
Key Length: 0

  • Marked as answer by Chris Burrett Thursday, November 08, 2012 6:26 PM
  • Unmarked as answer by Chris Burrett Thursday, November 08, 2012 6:26 PM
Free Windows Admin Tool Kit Click here and download it now
November 8th, 2012 9:19pm

This is now fixed i had the local policy restrictions set wrong for the service accounts

Chris

  • Marked as answer by Chris Burrett Thursday, November 08, 2012 6:27 PM
November 8th, 2012 9:27pm

Chris, I am getting same error. Could you please let me know the resolution steps.

Thanks

Free Windows Admin Tool Kit Click here and download it now
November 15th, 2013 1:51am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics