FIM 2010 R2 – Web-Based Password Reset, Part 3

FIM lets users reset their passwords only after authenticating them against answers to commonly asked security questions that they registered with. One major complaint about FIM 2010’s QA Gate implementation is that it does not allow ITPro to specify some sort of validation or policies on the answers. It’s possible that users might enter “abc”…


FIM 2010 R2 – Web-Based Password Reset, Part 2

Web-Based Password Reset is not just about writing a web client in ASP.NET. I mentioned that a few times when talking to different people. Everyone can do that by writing their own WCF client. If reverse engineering the FIM WebService protocol is too hard, there is the open source client supported by the community. In…


Office 365 Password Reset GA

Sooner or later, you may forget the password that you need to sign in to your account. It happens to just about everyone. If you forget your Office 365 password, and you’re not an Office 365 administrator, confess your predicament to an administrator in your organization, and the kind administrator resets your password. If you’re…

Office 365 Password Reset Beta

Over the last year, I have been working on this Office 365 Password Reset project. We are doing a closed beta. If you are interested to signup and provide feedback, click on the link which contains information on the action items.

FIM 2010 R2 – Web-Based Password Reset, Part 1

I am very excited to let everyone knows that FIM 2010 R2 Beta has released featuring Web-Based Password Reset. How to download FIM 2010 R2 Beta Go here. Answer the survey questions and Submit. This auto-approves you for the Beta connection. Click the Downloads link in the left column. Click the FIM 2010 R2 Beta…


FIM 2010 Self-Service Password Reset Now Supports All Domain Password Policies

I am excited to announce that FIM 2010 Self-Service Password Reset now supports all domain password policies.  It was a joint effort between the Windows Active Directory and FIM development teams to provide this new functionality. Details of this change can be found in


Self-Service Password Reset to Non-Active Directory System

Background: I often come across two types of questions in both internal and external channels How can I leverage SSPR and reset a password for a non-AD account (e.g. MSSQL, HR or .NET Passport)? How can I implement password filters but do so in FIM instead of AD? For #1, PCNS together with FIM Synchronization…


Custom Credential Provider for Password Reset

The credential provider for Password Reset is fairly simply and straight forward. Since I have joined the team, there is very little code change in that area. Recently, we decided to fix some minor known bug in the credential provider (CP) and I realized I don’t know too much about how CP works. So I …


Forefront Identity Manager – Credential Management, Part 4

This post talks about how client interacts with the server during the course of Self-Service Password Reset Registration and Reset. Majority of the information can be found from either client-side or server-side log. The implementation is subjected to change. If you were to develop a custom SSPR client based on the information below, please make…