FIM 2010 Password Reset Portal Error 3000

2017-12-07T10:32:18+00:00 August 2nd, 2013|Azure, Cloud, Windows|

A customer called recently with a FIM error when any users tried to reset their password via the Password reset portal:

An error has occurred.  Please try again, and if the problem persists, contact your help desk or system administrator. (Error 3000).

After checking all of the usual bits and bobs (permissions etc) i started delving into the event log and came across the below errors:

The error page was displayed to the user. Details: Title: Error Message: An error has occurred. Please try again, and if the problem persists, contact your help desk or system administrator. (Error 3000) Source: Attributes: Details: System.InvalidProgramException: Error while performing the password reset operation: PWUnrecoverableError    at Microsoft.IdentityManagement.CredentialManagement.Portal.Reset.AttemptToResetPassword()    at System.Web.UI.WebControls.Button.OnClick(EventArgs e)    at System.Web.UI.WebControls.Button.RaisePostBackEvent(String eventArgument)    at System.Web.UI.Page.RaisePostBackEvent(IPostBackEventHandler sourceControl, String eventArgument)    at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) CorrelationId: RequestId: ErrorCode: 3000 CaughtTime: 08/02/2013 12:48:27

Web Portal: FIM Password Reset Portal Session Id: odp4vknwwxsjpa45it1l5a45 IP Address: 158.223.0.128

The web portal received a fault error from the FIM service. Details: Microsoft.ResourceManagement.WebServices.Faults.ServiceFaultException: DataRequiredFaultReason    at Microsoft.ResourceManagement.WebServices.ResourceFactoryClient.Create(Message request)    at Microsoft.IdentityManagement.CredentialManagement.Portal.Common.ResetProxy.InteractWithPasswordResetActivity(SecureString newPassword, String activityEndpoint, String workflowInstanceId, ContextualSecurityToken sessionSecurityToken) Web Portal: FIM Password Reset Portal Session Id: odp4vknwwxsjpa45it1l5a45 IP Address: 158.223.0.128

The web portal received a fault error from the FIM service. Details: Microsoft.ResourceManagement.WebServices.Faults.ServiceFaultException: DataRequiredFaultReason    at Microsoft.ResourceManagement.WebServices.ResourceFactoryClient.Create(Message request)    at Microsoft.IdentityManagement.CredentialManagement.Portal.Common.ResetProxy.InteractWithPasswordResetActivity(SecureString newPassword, String activityEndpoint, String workflowInstanceId, ContextualSecurityToken sessionSecurityToken) Web Portal: FIM Password Reset Portal Session Id: odp4vknwwxsjpa45it1l5a45 IP Address: 158.223.0.128

The last one interested me and combined with the fact there were also intermittent errors in the event log for time out issues I started to wonder if we had a location problem.  After a bit of research I suspected that FIM could not contact a DC in order to perform the password reset so in order to resolve I opened the properties of the AD MA went to “Configure Directory Partitions” and ticked “Only use preferred domain controllers” then configured and added the PDC.

After this the service worked perfectly.

Note: In order to find the PDC if you don’t know it open a command prompt and type: dsquery server -hsafsm PDC.