FortiAuthenticator
FortiAuthenticator provides centralized authentication services for the Fortinet Security Fabric including multi-factor authentication, single sign-on services, certificate management, and guest management.
tbarua
Staff
Article Id 427445
Description

 

This article describes how to resolve 'Admin Reset Password Failed: Insufficient Access' when resetting a password in the Self-Service Portal Pre-Login Services.

 

Scope

 

FortiAuthenticator.

 

Solution

 

When 'Password Reset' is enabled for Pre-Login Services in the Self-Service Portal, users can reset their passwords by selecting 'Forgot password'. In this scenario, the user is a remote LDAP user.

 


 


 

However, while changing the password, the following error may appear: 'Password change failed. Please contact your system administrator.'

 


 

The raw logs in FortiAuthenticator show that the LDAP bind user does not have permission to reset the password.

 

After the required permission is granted to the LDAP bind user, a remote user can reset their password in the Self-Service Portal Pre-Login Services.
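
One way to grant that permission with least privilege and then verify it, assuming the remote LDAP server is Active Directory (the article does not say which directory is used). This is an added example, not Fortinet's documented procedure; the OU and account names are placeholders, and it assumes an elevated session on a host with the RSAT ActiveDirectory module.

```powershell
# Added example. Assumption: the remote LDAP server is Active Directory.
# Placeholders (not from the article): replace with your own values.
$UsersOU     = 'OU=PortalUsers,DC=example,DC=com'   # OU that holds the portal users
$BindAccount = 'EXAMPLE\svc-fac-bind'               # bind user configured on FortiAuthenticator

Import-Module ActiveDirectory

# GUID of the "Reset Password" control access right in the AD schema.
$ResetPwd = [guid]'00299570-246d-11d0-a768-00aa006e0529'

# Delegate only "Reset Password" (CA = control access) on user objects
# below the OU. /I:S applies the ACE to sub-objects only, not the OU itself.
# This avoids placing the bind account in a privileged group.
dsacls $UsersOU /I:S /G "${BindAccount}:CA;Reset Password;user"

# Read the OU's ACL back and list every ACE held by the bind account.
$aces = (Get-Acl -Path "AD:\$UsersOU").Access |
    Where-Object { $_.IdentityReference.Value -eq $BindAccount }

# Mark the delegated right as expected and anything else for review, so
# leftover broad grants (GenericAll, WriteDacl, ...) stand out.
$report = foreach ($ace in $aces) {
    $verdict = if ($ace.ActiveDirectoryRights -eq 'ExtendedRight' -and
                   $ace.ObjectType -eq $ResetPwd) { 'expected' } else { 'review' }
    [pscustomobject]@{
        Identity  = $ace.IdentityReference.Value
        Rights    = $ace.ActiveDirectoryRights
        Type      = $ace.AccessControlType
        Inherited = $ace.IsInherited
        Verdict   = $verdict
    }
}

if (-not ($report | Where-Object Verdict -eq 'expected')) {
    Write-Warning "No 'Reset Password' ACE found for $BindAccount on $UsersOU"
}
$report | Format-Table -AutoSize
```

The account name must match the `DOMAIN\name` form that `Get-Acl` reports in `IdentityReference`, otherwise the filter returns nothing.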

 

Furthermore, FortiAuthenticator requires a specific configuration to support password change operations for remote LDAP users, as detailed below:

 

Requirements for user password change with FortiAuthenticator as user database

How to allow an LDAP user to change password at first logon or renew an expired password With Forti...