Knowledge Base

Our dedicated Product Specialist team is always ready to help you when you need it the most. Contact Support

Specops Password Reset

User receives “the certificate revocation list server could not be reached” message when they click the reset password link at the logon screen, but not when they browse to the reset page when logged in.

User is not connected to the internet at the logon screen. Possible solution You can use one of the following three options below to solve this issue: Add a new rule to your proxy that allows “domain computers” to reach the CRL servers on the internet. The rule will look similar to the example below:...

Incorrect user count or license errors with Specops Password Reset due to LDAP query timeout.

Description: If you see user counts that don’t look quite right, or you get a license error in Specops Password Reset, it could be the nightly user counting timing out. To check if this is the issue, we can check our Event Viewer on the Specops Password Reset server. On the Specops Password Reset server,...

Failed to get the SPR service account UPN from the server ‘..’ Identity check failed for outgoing message. The expected DNS identity of the remote endpoint was ..

The following error message was received after a Specops Password Reset installation or upgrade: Failed to get the SPR service account UPN from the server ‘..’Identity check failed for outgoing message. The expected DNS identity of the remote endpoint was ‘..’ but the remote endpoint provided DNS claim ‘..’. If this is a legitimate remote...

403 – Forbidden: Access is denied when browsing to your Specops Password Reset site.

Description: When you browse out to your Specops Password Reset site you encounter the following error: 403 – Forbidden: Access is denied. You do not have permission to view this directory or page using the credentials that you supplied. Solution: Generally if you see this message, it can be one of the two items below....

Service failed to start (Initializing ServiceHost) System.InvalidOperationException: Cannot find the X.509 certificate using the following…

The Specops Password Reset Server Service will not start on the server, the application log is showing the following error: Service failed to start (Initializing ServiceHost)System.InvalidOperationException: Cannot find the X.509 certificate using the following search criteria: StoreName ‘My’, StoreLocation ‘LocalMachine’, FindType ‘FindByThumbprint’, FindValue ‘..’.at System.ServiceModel.Security.SecurityUtils.GetCertificateFromStoreCore(StoreName storeName, StoreLocation storeLocation, X509FindType findType, Object findValue, EndpointAddress target, Boolean...

LDAP Bind error on Helpdesk Password Reset

When using Specops Password Reset with Delegated Helpdesk enabled, helpdesk users may encounter the following error when attempting to reset a user’s password in Microsoft Edge or Google Chrome browsers: Password reset failed: OperationsError (000004DC: LdapErr: DSID-0C090F6A, comment: In order to perform this operation a successful bind must be completed on the connection., data 0,...

How to install a webserver on a domain joined machine on a DMZ via the command line

Here is the code below: Here is an example:

Access denied message on helpdesk webpage

Delegated Helpdesk does not work against an alias: https://spr.domain.com/specopspassword/helpdesk. You must access the page through the FQDN. Possible solution Add another CN to the certificate. “CN=hostname.domain.local” if using https://hostname.domain.local/specopspassword/helpdesk; Or “CN=hostname” if using just the server name https://hostname/specopspassword/helpdesk.

Errors after disabling TLS 1.0 and TLS 1.1 with Specops Password Reset

Description: In some instances, customers who have disabled TLS versions 1.0 and TLS 1.1 may see errors when users try to use Specops Password Reset by browsing to the password reset page. Users might see this error when browsing to the Password Reset site: “An unknown error has occurred” When you check the Application logs...

The Reset Password link does not appear on the logon page after reboot

Possible cause The computer is booting before the network stack has been brought up. This is common when systems are used with wireless or gigabit connected NIC’s. Possible solution You may want to disable Fast Logon Optimization. You can do this with Group Policy, using the Always wait for the network at computer startup and logon policy...
« Previous PageNext Page »