Password reset in Web Transfer Client not working when using an Active Directory-authenticated Site in EFT


THE INFORMATION IN THIS ARTICLE APPLIES TO:

  • EFT, v6.0 and later

SYMPTOM

We have encountered issues with new Microsoft patches breaking password resets via the Web Transfer Client when using an Active Directory-authenticated Site in EFT.

WORKAROUND

For an environment with a single domain controller, if you remove Microsoft patch KB3167679 from the EFT server it resolved the issue.

In another case we had a customer that had a multi-domain forest with a child domain controller, and removing that patch did not resolve the issue. In this case we had to also remove a second Microsoft patch, KB3177108, on the EFT server.

Removing both of these two patches on the EFT server in a parent-child domain environment resolved the issue.

MORE INFORMATION

When dealing with a one-domain-controller environment and we attempt to reset the password via WTC for an AD site, the user observes error message:

AD: Failed to change password. Error: ERROR [0x800704f1]: The system detected a possible attempt to compromise security. Please ensure that you can contact the server that authenticated you. LDAP: Failed to change password. Error: ERROR [0x80640035]: Unwilling To Perform.

When dealing with a parent – child domain environment and we attempt to change the password via WTC for an AD site, users observe the error:

Failed to change password. Error: ERROR [0x800704f1]: The system cannot contact a domain controller to service the authentication request. Please try again later.