Problem encountered in FIM Password Reset

Asked By 0 points N/A Posted on -

Hi everybody.

I have been using FIM Self Service Password Reset (FIM SSPR) and it requires that someone sets password using a domain and join the organization from the Cyberspace. We would like to continue investigating this alternative in order to determine if it is feasible or not.

During my research I only managed to partially get it to product by featuring an unsealed opening 5725 and 5726 to an outer coat FIM surround. This is really complicated for the users because after answering the presented question it fails with Error Code 997: 


"An exception was encountered while running the Password reset application". On the other hand the client gets the message that he successfully answered the questions and that FIM STS was able to issue a new token. There were no error reports in FIM Service logs. 
This is giving me quite a hard time, does anyone know what could be causing this, and hints on how to fix this problem.
Best Answer by Angeliname smith
Answered By 0 points N/A #89729

Problem encountered in FIM Password Reset


Please do the following orderly steps:

1) psexec.exe -s -d -i cmd.exe.

2) mmc.exe.

3) Add Cert snap-in > local machine > computer account.

4) Personal store > Right click the cert > All tasks > Manage Private Key.

5) Grant FMIService service account read permission.

It should solves the problem.

Answered By 0 points N/A #89730

Problem encountered in FIM Password Reset


Hello Josephine,

I will not give long answers to your questions because of my research, this might solve your problem.

Enable logging on the SSPR client FIM 2010: SSPR Client Extension Advanced Logging

If this will not work, here is another link that will help you fix the problem you encounter.

I hope this will fix the error.


Best Answer
Best Answer
Answered By 0 points N/A #89732

Problem encountered in FIM Password Reset


Hello Josephine,

Check if the DNS Alias is in the Sitelock key. If so, change it to machine name.

To do so,

1. Open the registry

2. Navigate to HKEY_LOCAL_MACHINESOFTWAREMicrosoftForefront Identity Manager2010ExtensionIntranet

3. Double click on Sitelock to edit

4. Add to the end of the following

5. Machine name

6. Click OK

If you are still encountering problems, check the Enable Kernel-mode Authentication

1. Open IIS

2. Expand Sites and select Sharepoint-80

3. Double click on authentication

4. Select windows authentication

5. Under the actions menu on the right, select advance settings

6. Ensure that the Enable kernel-mode authentication is not checked and click ok

7. Execute an IISReset

8. Open an Administrative Command-prompt

9. Type IISReset and press Enter

10. Restart the Forefront Password Reset Client via the Services console.

Login/Register to Answer

Related Questions