PWReset Activity could not connect to the directory #1

This post covers one of two reasons why the FIM Service fails to reset a password and throws the error "PWReset Activity could not connect to the directory". The other issue is described here.

A user of Forefront Identity Manager 2010 Self-Service Password Reset successfully passes the question and answer (Q&A) gate, enters a new password, and the reset fails with the generic error "An error occurred when attempting to reset password, please try again".

Upon inspection of the Forefront Identity Manager log in Event Viewer the following error has been recorded:

[Screenshot: Forefront Identity Manager event log entry in Event Viewer]

In text form, that is event ID 3 from source Microsoft.ResourceManagement with the description "PWReset Activity could not connect to the directory".

As the error suggests, the issue is that the entered password never reached the directory. Put another way, the call into MIIS_CSObject::SetPassword failed.

The reason? There might be several, e.g. an ADMA connectivity or authentication issue, but one sure reason is that the Enable password management option under Password management on the Configure Extensions page of your ADMA is not checked (see screenshot below).

[Screenshot: ADMA Configure Extensions page, Password management section, Enable password management option]

Password management must be enabled on the ADMA before MIIS_CSObject::SetPassword can be used, and SetPassword is what the Password Reset Action Workflow calls.

About Paul Williams

IT consultant working for Microsoft specialising in Identity Management and Directory Services.
This entry was posted in FIM, FIM 2010, Self Service Password Reset, Troubleshooting.

4 Responses to PWReset Activity could not connect to the directory #1

  1. Sami says:

    Thank you! Very helpful post.

  2. Pingback: PWReset Activity could not connect to the directory #2 | Yet another identity management blog

  3. Pingback: FIM SSPR password reset fails with error PWReset Activity could not connect to the directory | Yet another identity management blog

  4. Pete A says:

    I’d also add that this error occurs unless ALL management agents pointing to the directory in question have Password Management enabled. The FIMService issues a WMI query to return a list of objects found that have connectors to the AD MA. This query specifies the domain name and FQDN. If one of the results doesn’t have Password Management enabled, the operation fails.
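As an added diagnostic example (not code from the original post, from Microsoft, or from either commenter), the following PowerShell lists the connector-space objects that the FIM Service's WMI query would return for a given account, so that every management agent in the result can be checked for the Enable password management option described in the post body and in Pete A's comment above. The server name, domain and account are placeholders; the WMI namespace and the MIIS_CSObject property names are assumed from the Synchronization Service WMI provider used for password management.

```powershell
# Added diagnostic example: list every connector-space object for one AD account
# across all management agents on the FIM Synchronization Service, so the admin
# can see which MAs must have "Enable password management" ticked.
#
# Assumptions (labelled): the namespace root\MicrosoftIdentityIntegrationServer and
# the MIIS_CSObject properties Domain, Account, MaName, MaGuid and DN are taken from
# the Synchronization Service WMI provider; $SyncServer, $Domain and $Account are
# placeholder inputs for the reader to replace.

param(
    [string]$SyncServer = 'fimsync01.example.com',   # placeholder: FIM Sync Service host
    [string]$Domain     = 'CONTOSO',                 # placeholder: NetBIOS domain of the account
    [string]$Account    = 'jdoe'                     # placeholder: sAMAccountName being reset
)

$ns = 'root\MicrosoftIdentityIntegrationServer'

# Escape single quotes so an unusual account name cannot break the WQL filter.
$safeDomain  = $Domain.Replace("'", "''")
$safeAccount = $Account.Replace("'", "''")

# The FIM Service locates the user's connector-space objects by domain and account.
# Any MA that appears in this result set takes part in the reset.
$query = "SELECT * FROM MIIS_CSObject WHERE Domain = '$safeDomain' AND Account = '$safeAccount'"
$csObjects = Get-WmiObject -ComputerName $SyncServer -Namespace $ns -Query $query

if (-not $csObjects) {
    Write-Warning "No connector-space object found for $Domain\$Account on $SyncServer."
    Write-Warning "Check ADMA connectivity and that the account has been imported before looking at password management."
    return
}

Write-Host "Connector-space objects for $Domain\$Account :"
$csObjects | ForEach-Object {
    [pscustomobject]@{
        ManagementAgent = $_.MaName
        MaGuid          = $_.MaGuid
        DN              = $_.DN
    }
} | Format-Table -AutoSize

Write-Host ""
Write-Host "Every management agent listed above must have 'Enable password management' ticked"
Write-Host "on its Configure Extensions page; otherwise MIIS_CSObject::SetPassword fails and the"
Write-Host "FIM Service logs event ID 3 'PWReset Activity could not connect to the directory'."
```

Run it on a machine with the Synchronization Service WMI provider reachable (typically the sync server itself, as a member of the MIIS administrators or password-set group), then open the Configure Extensions page of each MA the script lists and confirm the option is ticked. An empty result points at connectivity or import problems rather than at password management.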
