[Troubleshooting] SSPR Reset Portal - Error attempting to reset password

Issue

A user goes to the SSPR reset portal. The questions are answered and the new password entered twice. The user receives the following error in the portal. Error while attempting to reset password.

NOTE: The password is actually reset in active directory.

Cause

Two variables contribute to this issue. One, an invalid (demoted, removed, etc.) domain controller must be configured in the AD MA as a preferred DC. The "only use preferred domain controllers" option need not be enabled. Secondly, the invalid DC needs a corresponding A (host) record in DNS. If both of these incorrect configurations are present the issue occurs.

 

Resolution

Remove at least one of the misconfigured items.

An RFC was filed with the product group. This is not a bug since it requires multiple configuration issues in the environment.