No "unlock" button on the SSPR change password page

  • 7013379
  • 26-Sep-2013
  • 31-Oct-2013

Environment

Self Service Password Reset
SSPR 3.0 
Active Directory environment
"Allow unlock" is set to "True" in forgotten password module
User account is locked by intruder detection

Situation

SSPR user is not given opportunity to unlock account
User does not see the "unlock" button on the change password page
No option to unlock is visible on the change password page.

Resolution

Point SSPR to the primary domain controller. 

Cause

Problem was with AD synchronization.  One domain controller showed the user as locked and the other did not.   SSPR was was pointing to a secondary DC that did not show the user account as being locked at all.  Pointing to the PDC (which did show the account as locked) allowed the unlock button to be made visible.