Password Manager - Some errors occurred while changing password

Version 5.6.1.6757

When users try changing their password (either through forgot my password or manage my password) they get the following error after entering a new password.

The password is one that hasnt been used before there are domain connections set up (and have been previously working).

"Some errors occurred while changing password."

Below is an extract from the QPM.Service.Host_AD_ log file.

Any ideas please ?

2016-08-16 08:31:31:773 E [3424:90] QPM.Service.Modules.ADHelpers.dll ErrorContextInterceptionBehavior.Invoke() >> System.Reflection.TargetInvocationException: Exception has been thrown by the target of an invocation. ---> System.Runtime.InteropServices.COMException: The system detected a possible attempt to compromise security. Please ensure that you can contact the server that authenticated you. (Exception from HRESULT: 0x800704F1)
   --- End of inner exception stack trace ---
   at System.DirectoryServices.DirectoryEntry.Invoke(String methodName, Object[] args)
   at QPM.Service.Modules.ADHelpers.Replication.ReplicationEngine.invokeForUser(DomainInfo domain, DomainControllerInfo domainController, String userId, Nullable`1 authenticationType, Boolean isProperty, String methodName, Object[] methodArguments)
   at QPM.Service.Modules.ADHelpers.Replication.ReplicationEngine.invokeWithReplication(DomainInfo domain, ReplicationType replicationType, String userId, Boolean isProperty, String methodName, Object[] methodArguments)
   at QPM.Service.Modules.ADHelpers.ADHelper.ChangePassword(DirectoryInfo info, String userObjectGuid, String oldPassword, String newPassword)
   at DynamicModule.ns.Wrapped_IADHelper_c8abd173f99742609c53168f5df33d4f.<ChangePassword_DelegateImplementation>__1(IMethodInvocation inputs, GetNextInterceptionBehaviorDelegate getNext)
2016-08-16 08:31:31:773 E [3424:90] QPM.Service.Workflow4.dll PasswordResetChangeADExecuting.Execute() >> Errors recieved while changing password:
2016-08-16 08:31:31:773 E [3424:90] mscorlib.dll List`1.ForEach() >>      Error 'The system detected a possible attempt to compromise security. Please ensure that you can contact the server that authenticated you. (Exception from HRESULT: 0x800704F1)' with system <<Active Directory>>
2016-08-16 08:31:31:773 E [3424:90] QPM.Service.Workflow4.dll WorkflowContext.CriticalError() >> Activity PasswordChangeAD_1 critical error:
2016-08-16 08:31:31:773 E [3424:90] QPM.Service.Workflow4.dll WorkflowContext.CriticalError() >> Error Status: Failed to change your password.
Error Message: Failed to change your password.
Error Description: Change password for user XXXXXXXX failed
Error Items:
Error 'The system detected a possible attempt to compromise security. Please ensure that you can contact the server that authenticated you. (Exception from HRESULT: 0x800704F1)' with system <<Active Directory>>

  • Hi,

    Please remove the following Microsoft updates:

    3177108
    3167679

    https://support.microsoft.com/en-us/kb/3177108

    https://support.microsoft.com/en-us/kb/3167679

    Due to the updates in the Microsoft patches (as outlined in each KB above), it has changed the functionality of the 'change password' operation.

    We are currently working on a resolution for Password Manager.

    If you have any further issue please open a service request with Support.

    Daniel Bishop
    One Identity

  • How will we know when there is a resolution for Password Manager?

    Removing the patches has resolved our issue but now means we can't automatically patch the server.

    Thanks

    Jeremy

  • We have released a patch for 5.6.3 and are currently working on 5.6.2 and 5.6.1.

    https://support.software.dell.com/kb/211826

    Note that all versions prior to 5.6.1 are End of Life. You must upgrade to a supported version to obtain a patch.

    Daniel Bishop
    One Identity

  • In reply to Daniel.Bishop:

    Hi Dan,

    After changing the password, password manager 5.6.3 report shows success.

    But still user is unable to login, no patches has been updated in OS or Domain level.

    Any idea why am getting this error.

    Regards,

    VJ

  • In reply to vijay.anand:

    Hi VJ,

    If Password Manager shows success, do you see an error anywhere - like Event Viewer?

    Is the user account in Active Directory flagged for "user must change password at next logon"? If the account is flagged and you uncheck it, is the user able to login using new password?

    Thanks,

    Dan

    Daniel Bishop
    One Identity

  • In reply to Daniel.Bishop:

    Hi Dan,

    I was getting success message for some users and also "some error occurs while changing password"
    As you stated I removed the two patches you mentioned.

    Now my Big problem is I have published the PMuser site externally, Which is not working and only the internal site is working, Please find the below error message.I haven't change any of the config file and it was working fine till yesterday.

    ***********************************************************
    Cannot perform runtime binding on a null reference
    Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code. I have not changed anything on any of

    Exception Details: Microsoft.CSharp.RuntimeBinder.RuntimeBinderException: Cannot perform runtime binding on a null reference

    Source Error:



    Line 13: var userLogoutMenuItem = new SiteMenuItem();
    Line 14: var logournUrl = String.Empty;
    Line 15: var user = Model.UserInfo.AccountInfo;
    Line 16: switch (HostSettingsHelper.ClientHostType)
    Line 17: {


    Source File: c:\Program Files\Dell\One Identity Password Manager\Web\User\Views\Layouts\CommonLayout.cshtml Line: 15

    Stack Trace:



    [RuntimeBinderException: Cannot perform runtime binding on a null reference]
    CallSite.Target(Closure , CallSite , Object ) +153
    System.Dynamic.UpdateDelegates.UpdateAndExecute1(CallSite site, T0 arg0) +487
    ASP._Page_Views_Layouts_CommonLayout_cshtml.Execute() in c:\Program Files\Dell\One Identity Password Manager\Web\User\Views\Layouts\CommonLayout.cshtml:15
    System.Web.WebPages.WebPageBase.ExecutePageHierarchy() +253
    System.Web.Mvc.WebViewPage.ExecutePageHierarchy() +147
    System.Web.WebPages.WebPageBase.ExecutePageHierarchy(WebPageContext pageContext, TextWriter writer, WebPageRenderingBase startPage) +122
    System.Web.WebPages.<>c__DisplayClass7.<RenderPageCore>b__6(TextWriter writer) +306
    System.Web.WebPages.WebPageBase.Write(HelperResult result) +108
    System.Web.WebPages.WebPageBase.RenderSurrounding(String partialViewName, Action`1 body) +88
    System.Web.WebPages.WebPageBase.PopContext() +349
    System.Web.Mvc.ViewResultBase.ExecuteResult(ControllerContext context) +375
    System.Web.Mvc.Async.<>c__DisplayClass25.<BeginInvokeAction>b__22(IAsyncResult asyncResult) +236
    System.Web.Mvc.Async.AsyncControllerActionInvoker.EndInvokeAction(IAsyncResult asyncResult) +38
    System.Web.Mvc.<>c__DisplayClass1d.<BeginExecuteCore>b__18(IAsyncResult asyncResult) +27
    System.Web.Mvc.Async.<>c__DisplayClass4.<MakeVoidDelegate>b__3(IAsyncResult ar) +22
    System.Web.Mvc.Controller.EndExecuteCore(IAsyncResult asyncResult) +53
    System.Web.Mvc.Async.<>c__DisplayClass4.<MakeVoidDelegate>b__3(IAsyncResult ar) +22
    System.Web.Mvc.Controller.EndExecute(IAsyncResult asyncResult) +38
    System.Web.Mvc.<>c__DisplayClass8.<BeginProcessRequest>b__3(IAsyncResult asyncResult) +42
    System.Web.Mvc.Async.<>c__DisplayClass4.<MakeVoidDelegate>b__3(IAsyncResult ar) +22
    System.Web.Mvc.MvcHandler.EndProcessRequest(IAsyncResult asyncResult) +38
    System.Web.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +399
    System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +137

    Thanks & Regards,
    Vijay
  • In reply to vijay.anand:

    Hi Vijay,

    I recommend you open a Service Request with Support to troubleshoot this further.

    Thanks,

    Dan

    Daniel Bishop
    One Identity

  • In reply to Daniel.Bishop:

    Hi Dan,

    I did the external configuration again, then it works fine. I will raise a service request for future purpose.

    Thanks,
    Vj
  • In reply to vijay.anand:

    Hi Vijay,

    That's great news. Indeed, if you have any further issues please raise a service request.

    Thank you,

    Dan

    Daniel Bishop
    One Identity

  • In reply to Daniel.Bishop:

    Dear Daniel,

    We got a similiar issue here, when an user changes their password it throws sometimes ''Some errors occured, please see the event log''. But somehow it changes the password and 'User must change password at next logon' is checked. The user cannot login with their new password. Will this be fixed with a new patch or do we need to remove the hotfixes?
    3177108
    3167679

    This is a really strange case as other users doesnt have this issue, it occurs randomly.
    Please help