I have run into a very strange issue that I am uncertain how to fix.
I have one 2008 R2 server running SQL 2008 R2/FIM Service/FIM Sync Service. One 2008 R2 server running the pwdreg/pwdreset portals.
I have 19 MAs, one for the FIMMA and one for each domain in the forest for the static 'domain' attribute. Everything works as expected. The users are imported into the MV and then into FIM from the ADMAs. All users can register with the registration portal. Only two domains are immediately able to use the reset portal. All of the other users in the other 16 domains receive an error for which the event logs states 'Password Reset Activity could not find Mv record for user'. I have verified the users with this issue are in the MV, all attributes flowed correctly.
Here comes the strange part. Once I log into the FIM portal as that user, they are then able to reset their password. We have thousands of users with new student accounts added almost daily. It is not possible to each morning log in using their default passwords into the portal just so they can then register/reset their own passwords later. Again, this does not happen for two of the domains. All delegated permissions are the same across the board as noted by the successful pwd reset after the account has logged into the FIM portal.
What could possibly be causing this?