Unable to establish session password for Forgotten Password

[GoogleCodeExporter]

What steps will reproduce the problem?
1.Trying to retrive forgottem password
2. code is being sent o email
3. after typing the code it is showing Unable to establish session password . I 
am using windows active directory .

What is the expected output? What do you see instead?
Random password needs to be generated .

What version of PWM are you using?
1.6.4

What ldap directory and version are you using?
Windows active directory

Please paste any error log messages below:

Unable to establish session password. { 5026 ERROR_BAD_SESSION_PASSWORD (error 
setting random password for user CN=srv Mrs,cn=users,dc=techno,dc=intra [LDAP: 
error code 53 - 0000001F: SvcErr: DSID-031A120C, problem 5003 
(WILL_NOT_PERFORM), data 0 ]) }

Original issue reported on code.google.com by souravk...@gmail.com on 17 Jul 2013 at 6:44

[GoogleCodeExporter]

Hi,

See: 
http://blogs.msdn.com/b/adpowershell/archive/2009/03/25/error-reporting-in-activ
e-directory-powershell.aspx

It's in the configuration. Make sure PWM's password policy matches your AD's 
password policy. Go to the configuration editor > Settings > Password Policy, 
check "Enforce Microsoft AD 2003 Password Complexity". Also check that your 
AD's does not enforce a mimimal amount of time between password changes!

Original comment by menno.pi...@gmail.com on 17 Jul 2013 at 7:50

• Changed state: WontFix

[GoogleCodeExporter]

There is no optopn like 

configuration editor > Settings > Password Policy > Enforce Microsoft AD 2003 
Password Complexity ...
There is only option to enable "Enforce Microsoft-AD Password Complexity" . I 
have enable it but still the same error coming ..

Original comment by souravk...@gmail.com on 17 Jul 2013 at 12:59

[GoogleCodeExporter]

Well, the option may have been renamed between 1.6.4 and the current 
development version. Again, make sure your password policy in AD matches the 
one in PWM. If your admin has changed the AD policy, this may be the reason. 
Please consult your AD admin or try a nightly build, to see if that fixes your 
problem.

If nothing helps, post a log on the forums. It's a configuration problem, not a 
PWM problem. I've seen AD work perfectly with PWM.

Regards,

Menno

Original comment by menno.pi...@gmail.com on 17 Jul 2013 at 1:44

[GoogleCodeExporter]

I am still not able to set a random password. Could it have anything to do with 
my LDAP connection which is unsecure (389). Would it help if I use LDAPS 
instead I am using AD 2008 R2..

attaching the below .

Original comment by souravk...@gmail.com on 18 Jul 2013 at 5:51

Attachments:

• pwm_log.txt

[GoogleCodeExporter]

Exactly. AD requires a secure connection for setting passwords.

Original comment by menno.pi...@gmail.com on 18 Jul 2013 at 6:15

[GoogleCodeExporter]

Thanks lot...It works . Another problem what I am facing for searching user for 
forgotten username . It is showing "Unable to find username. Please try again. 
{ 5016 ERROR_CANT_MATCH_USER" . I am using windows active directory.

Original comment by souravk...@gmail.com on 18 Jul 2013 at 9:20

[GoogleCodeExporter]

Please post this kind of questions on the forum/mailing list. A lot more people 
can help you there. Besides it's a configuration problem, not a PWM bug.

Original comment by menno.pi...@gmail.com on 18 Jul 2013 at 9:32