One of the drawbacks of OWA was the inability to change user password or login using OWA when the password expires. This created a lot of trouble for mobile users who always use OWA. The ability to change the user password using OWA was introduced in Exchange 2007 SP3, but is missing in 2010 RTM. Check my previous article for 2007 SP3 OWA Password Reset feature.
The public beta of 2010 SP1 didn’t have this feature as well. But, guess what? 2010 SP1 RTM provides this feature, once it is turned on. By default, the password reset feature is switched off (don’t know why Exchange Team did that).
In order to enable the feature, follow the steps below (It is same as 2007 SP3).
- Log on to the CAS server with an admin account.
- In registry editor, navigate to HLKMSYSTEMCurrentControlSetServicesMSExchange OWA
- Create the following DWORD value if it does not already exist. DWORD Name – ChangeExpiredPasswordEnabled, type – REG_DWORD and data set to 1.
- If the DWORD already exists, change the value from zero to one.
- Reset IIS from the command prompt.
You need to make the registry edit on all CAS servers, if you have more than one in your environment.
To demonstrate the feature in action, I have created a new mailbox with the option to change password at next logon.
I will use OWA to login for the first time, which notifies me that my password has expired. It gives me the option to put my current password & a new one to make the change.
Once I enter the old & new password and click “Submit”, I get a confirmation that my password has been changed.
This will reduce the number of helpdesk calls from mobile users to some extend. Go for the registry edit guys!
hello I cant log in to my outlook and apparently my old password is wrong I have tried this a couple times and still no luck is there a way for me to recover the old password?? need help asap thanks in advance
Your admin can only reset the password. They can’t “see” it or recover it.
is it possible to Disable Outlook Web Access Password Expiry Notification Banner
Thank you for reading my question.
i think I figured what the problem was. I observed that although the Outlook Web App segementation was showing ‘change password’ as enabled, the default Outlook webapp policy was not applied to the mailboxes. Once I applied it, I was able to change password from WebApp without any issues. No restart of services nor long wait times. :)
Hope this helps other facing similar issues.
Cheers.
Raj
Ahh, A mismatch is settings. Glad you figured it out and thanks for posting the solution. It will help other readers for sure.
HI,
The issue I face is that although my account password has not expired, and I would like to change the password for security reasons… outlook web app does not let me do that. As soon as I login to webapp and click on ‘Change Password’ it takes me back to the login screen as though I just got logged off.
Any suggestions?
Note: I tried to make the Registry changes but that is for users whose passwords have expired. But looks like it shows up for people whose accounts have not expired too. tested.
Hi Rajashekar,
Are you saying that you can’t change the password after logging into OWA and going to Options?
I have the same error when running issreset /noforce, what I did was to tried three times in the third times come up “Internet services successfully restarted”
Thanks Jenoes. You can run iisreset without any switches as well.
i’ve received an error while running iisreset /noforce command.
error : Attemting stop… Restart attempt failed.
The service did not respond to the start or control request in a timely fashion. (2147943453, 8007041d)
I did reboot the server and test out the expired password scenario but failed. I tried to perform iisreset /noforce again and received the same error as stated above.
anyone. advise.. thanks
Hi Ray,
What if you try to do it manually from the services snap-in? Or try running just iisrest
Thanks
Hi Rajith,
What about the case when a user has forgotten the password? The admin must reset it with a “default password”, and then the user must change the password. However, the admin must communicate the password to the user, in order to enter a new one.
That is true. If the user forgets the password, service desk needs to sort it out.
I get a different message “Your password has been changed. We recommend that you close all browser windows at this time.”
– Anyone know why get something different?
What is your patch level Sven?
Hi,
I have a question to you. Can we change password changing confirmation message? I want to change “Your password has been changed. Click ok yo sign in with your new password” message
If there is a solution, how can i do that?
Thank you.
Hi Yonetici,
I don’t think there is a “supported” tweak to make this work.
Thanks.
Thanks Walter.
Excellent and helpfull post!