Forum Discussion
Solved
Azure AD SSPR Password write back issue
Hi all, A company I work for have issues with the reset password function with AD Connect. In the SSPR audit logs in Azure AD, we face on 'Reset password (self-service)' the status reason 'On...
Hi Bilal, the SSPR reset is functioning again! I found out that the “Network access: Restrict clients allowed to make remote calls to SAM” GPO was setup in the local GPO of the DCs. The issue is resolved by adding the AD DS connector account into that GPO on both domain.
For future readers:
1: Open Local Security Policy, click Start, type secpol.msc
2: Navigate the console tree to Security Settings\Security Options\Network access: Restrict clients allowed to make remote calls to SAM
3: Right-Click and Select Properties
4: On the Template Security Policy Setting, Click Edit Security
5: Under Group or user names, Click Add the AD DS connector account
7: Leave everything default, and Click OKThank you again for your knowledge and time.
Lot's of password writeback issues since the last patches. I bumped into this one last week:
https://janbakker.tech/kb-selfservicepasswordreset-write-back-problem-error-hr80230818/
https://janbakker.tech/kb-selfservicepasswordreset-write-back-problem-error-hr80230818/
Thank you for sharing Jan and great that you have fix event ID 33001, will save your solution!
For ID 33008, I updated my blog post as well. 33008 can have multiple solutions:
https://vand3rlinden.nl/index.php/2020/07/03/fix-sspr-failure-reason-onpremisesadminactionrequired/
For ID 33008, I updated my blog post as well. 33008 can have multiple solutions:
https://vand3rlinden.nl/index.php/2020/07/03/fix-sspr-failure-reason-onpremisesadminactionrequired/