Hi,
sorry for this dumb question.
I managed to get a password reset link via mail for a test user on a ldap connected realm (editable).
clicking on that link does not reveal the change password recovery.reset.html
I directly come to “Please sign in”
what do I miss? Is there a special policy for auth for password reset?
tia
jonathan
How did you manage to get the password reset link in the first place?
Also note, that to my knowledge simply setting the password of a user in the LDAP resolver is most probably not supported.
as in docu stated: user policy: password_reset
https://privacyidea.readthedocs.io/en/latest/policies/user.html
this is working, as I wrote - after entering name and email password reset link is sent.
but: after clicking on it it only shows: Please sign in.
So I guess I am missing something 
setting the password of a user in the LDAP resolver is most probably not supported
but of SQL? maybe I should try this?
Looks like the URL in the default email became faulty over time.
You receive a link like
https://piserver/#/reset/user@realm/code
But there needs to be an exlamation mark behind the hash #:
looks like it worked (manual)
But as you wrote: failed to reset password showed quickly…
In LDAP/AD setting a password is not simply changing an attribute. This is a more complicated way, which I is not implemented - I am not sure if this could easily been implemented at all.
This was supposed to work in conjunction with the registering of users, where users are managed in a SQL table by privacyIDEA. Then the password reset would (should) actually work.