Exchange admins who have been in the field for a while will have come across the end user difficulties of not being able to change their passwords using OWA when either the password has expired or the admin has forced for a password reset at login. Though there were workarounds in previous versions of Exchange, no work was done by the product group to make it an Exchange feature which can be turned on or off.
Exchange 2007 SP3 brings this feature to the table. The option is disabled by default and can be turned on with a registry edit on the CAS server.
To enable the password reset feature,
- Log on to the CAS server with an admin account.
- In registry editor, navigate to HLKMSYSTEMCurrentControlSetServicesMSExchange OWA
- Create the following DWORD value if it does not already exist. DWORD Name – ChangeExpiredPasswordEnabled, type – REG_DWORD and data set to 1.
- If the DWORD already exists, change the value from zero to one.
- Reset IIS from command prompt.
Users can now change their expired passwords or forced password reset through OWA. This is a big relief for mobile users. In my opinion, this feature should be enabled by default.
Is this feature available outside of Outlook Web Access? We run Outlook 2007 with Exchange 2013 and are not on the same domain as our parent company. Our windows passwords expire and warn separately from our Outlook/Exchange passwords. Currently, in Outlook 2007 our users get no warning their Outlook passwords are about to expire. They just come in one day and they are locked out. Looking for something other than an email to Pop Up and say “Change your password today” or it has expired and prompt them with the OLD and NEW NEW box. I swear it used to do that with Outlook 2007 and Exchange 2007. Maybe not. thanks
Thanks Jay.
@ Sksyd, I came across the same issue, this is because of the Default Domain Policy, has password settings set to Not Defined, rather than a number, say 0 if you wanted to disable minimum password length, or minimum password age, etc.
Jay
http://www.netflo.co.uk
Is that the case sksyd? I will have to check in lab and get back to you.
Have you restarted the Exchange and IIS services after making the change?
Thanks.
It doesnt work on exchange 2010 sp1 with RU3 , any suggestions?
Thanks for the info Atkscott.
A HUGE piece of missing infomation here and throughout the web is that this new password change functionality doesn't work with W2K3 IIS6. It only works on W2K8 and IIS7. This was a pain to figure out. PSS doesn't even know this…
Thanks Nuno.
Hi Rajith,
Thank you very much for the reply. Guess I'll have to wait then… :(
Thanks for the information!
Best regards,
Nuno
Hi Nuno.
It works in Exchange 2007 SP3, but NOT in the public Beta build of SP1. This works fine in a more later build of 2010 SP1.
It will definitely be available in SP1 RTM.
Thanks,
Hi Rajith,
Thank you very much for the post. This should have been available a long time ago, but anyway!…
Have you tried this on Exchange 2010 SP1? It was suppose to work exactly the same way with the exact same change as you showed (I saw another post where the guy followed the procedure described here on an Exchange 2010 SP1 environment and it worked fine!) but for me nothing happens…
I haven’t tried it on Exchange 2007 SP3 though… Any thoughts?
Thanks for sharing again!
Regards,
Nuno
Thanks Deepak.
Thanks for sharing. Very useful feature.