One of the enhancements that was introduced with Exchange 2010 SP1 and Exchange 2007 SP3 is the ability to change expired passwords using OWA .
This feature is disabled by default ! . You can enable and start use this feature by creating a registry value on all Client Access Servers ( CASs ) within your Exchange organization ; the value have the following settings :
Adding of this value can be simplified by executing the following command at an elevated command line :
| Reg Add “HKLM\System\CurrentControlSet\Services\MSExchange OWA” /V ChangeExpiredPasswordEnabled /t Reg_DWORD /d 1 |
Once the command is executed successfully the value will be in place as below :
All remaining after setting the DWORD value is to reset IIS. The recommended method to reset IIS is to use IISReset /noforce from a command prompt. After that , OWA users will be able to renew their expired passwords via OWA ( This also works for users who have their accounts configured to change password on next logon (User must change password at next logon in ADUC)
Bonus :
Exchange 2010 Service Pack 1 Update Rollup 3 and later supports using a UPN ( e.g. itguy@itguydiaries.net ) in the change password dialog. Also, please see our TechNet documentation on the subject
No comments:
Post a Comment