Exchange admins who have been in the field for a while will have come across the end user difficulties of not being able to change their passwords using OWA when either the password has expired or the admin has forced for a password reset at login. Though there were workarounds in previous versions of Exchange, no work was done by the product group to make it an Exchange feature which can be turned on or off.
Exchange 2007 SP3 brings this feature to the table. The option is disabled by default and can be turned on with a registry edit on the CAS server.
To enable the password reset feature,
- Log on to the CAS server with an admin account.
- In registry editor, navigate to HLKM\SYSTEM\CurrentControlSet\Services\MSExchange OWA
- Create the following DWORD value if it does not already exist. DWORD Name – ChangeExpiredPasswordEnabled, type - REG_DWORD and data set to 1.
- If the DWORD already exists, change the value from zero to one.
- Reset IIS from command prompt.
Users can now change their expired passwords or forced password reset through OWA. This is a big relief for mobile users. In my opinion, this feature should be enabled by default.
12 comments:
Thanks for sharing. Very useful feature.
Thanks Deepak.
Hi Rajith,
Thank you very much for the post. This should have been available a long time ago, but anyway!...
Have you tried this on Exchange 2010 SP1? It was suppose to work exactly the same way with the exact same change as you showed (I saw another post where the guy followed the procedure described here on an Exchange 2010 SP1 environment and it worked fine!) but for me nothing happens...
I haven’t tried it on Exchange 2007 SP3 though... Any thoughts?
Thanks for sharing again!
Regards,
Nuno
Hi Nuno.
It works in Exchange 2007 SP3, but NOT in the public Beta build of SP1. This works fine in a more later build of 2010 SP1.
It will definitely be available in SP1 RTM.
Thanks,
Hi Rajith,
Thank you very much for the reply. Guess I'll have to wait then... :(
Thanks for the information!
Best regards,
Nuno
Thanks Nuno.
A HUGE piece of missing infomation here and throughout the web is that this new password change functionality doesn't work with W2K3 IIS6. It only works on W2K8 and IIS7. This was a pain to figure out. PSS doesn't even know this...
Thanks for the info Atkscott.
It doesnt work on exchange 2010 sp1 with RU3 , any suggestions?
Is that the case sksyd? I will have to check in lab and get back to you.
Have you restarted the Exchange and IIS services after making the change?
Thanks.
@ Sksyd, I came across the same issue, this is because of the Default Domain Policy, has password settings set to Not Defined, rather than a number, say 0 if you wanted to disable minimum password length, or minimum password age, etc.
Jay
www.netflo.co.uk
Thanks Jay.
Post a Comment