OWA & "User must change password at next logon"

Current Environment: Running EX2K3(SP2), and using OWA as the ONLY option to 
get e-mail; using certificates  (https:\\owa.domain.com\exchange) & forms 
based Authentication. 
 Problem: I create a NEW user in AD; e-mail enable it, and select  "User 
must change password at next logon".  Now when the user tries to log in (VIA 
OWA) s/he is not prompted to change the password / it won't even log them in. 
It use to work with our old exchange 2000 environment, where it gave them the 
opportunity  to change the password at sign on.  Answer: ? 
0
John1063 (943)
5/10/2006 3:15:01 AM
exchange.admin 57650 articles. 2 followers. Follow

2 Replies
438 Views

Similar Articles

[PageSpeed] 36

There is one property in MetaBase: PasswordChangeFlags. The default value in 
Windows 2003 (IIS 6.0) is 6, which stands for 2+4.  Please refer to the 
below link.

PasswordChangeFlags Metabase Propert
http://technet2.microsoft.com/WindowsServer/f/?en/Library/562c1596-2e04-4002-8af8-86247e008c5c1033.mspx

With the value set to 6 u cannot change the password in OWA when the user 
pasword expires/Change password at next logon is selected.

You can run the below command on the server to check the value

C:\InetPub\AdminScripts> cscript adsutil.vbs get w3svc\PasswordChangeFlags

Set the value by following command on the server:
C:\InetPub\AdminScripts> cscript adsutil.vbs set w3svc\PasswordChangeFlags 0

Actually you can do this by metabse explore too. 

Once the above attribute is set check if the user is able to change the 
password. It should take you to the OWA password change page automatically.

-- 
Manoj 

" Jack of all trades, master of the moment"




"John" wrote:

> Current Environment: Running EX2K3(SP2), and using OWA as the ONLY option to 
> get e-mail; using certificates  (https:\\owa.domain.com\exchange) & forms 
> based Authentication. 
>  Problem: I create a NEW user in AD; e-mail enable it, and select  "User 
> must change password at next logon".  Now when the user tries to log in (VIA 
> OWA) s/he is not prompted to change the password / it won't even log them in. 
> It use to work with our old exchange 2000 environment, where it gave them the 
> opportunity  to change the password at sign on.  Answer: ? 
0
Manoj1 (107)
5/10/2006 11:37:02 AM
The following KB article can help.  It talks about the PasswordChangeFlags 
and also mentions a few other requirements.  One of them is that the 
Iisadmpwd  virtual directory must reside in the same application pool as the 
web site using the pwd chg function.  This was set incorrectly on my 
machine.

http://support.microsoft.com/kb/833734


bob


"John" <John@discussions.microsoft.com> wrote in message 
news:8CD154A4-3153-4976-A9BD-E69782FAF812@microsoft.com...
> Current Environment: Running EX2K3(SP2), and using OWA as the ONLY option 
> to
> get e-mail; using certificates  (https:\\owa.domain.com\exchange) & forms
> based Authentication.
> Problem: I create a NEW user in AD; e-mail enable it, and select  "User
> must change password at next logon".  Now when the user tries to log in 
> (VIA
> OWA) s/he is not prompted to change the password / it won't even log them 
> in.
> It use to work with our old exchange 2000 environment, where it gave them 
> the
> opportunity  to change the password at sign on.  Answer: ? 


0
bob3447 (19)
5/10/2006 3:12:53 PM
Reply:

Similar Artilces:

OWA User must change password at next logon
I have Exchange 2003 running on a 2000 server and my users can successfully change their password from the OWA interface. If I select the "user must change password at next logon " in Active Directory Users and Computers they get a prompt to change their password when they logon to owa and everything works as it should. But from that point on if they try to change the password again from owa they get the error number: -2147023569. I don't have minimum password age set in the security policy so I'm not sure why this would break it. Any thoughts? JD ...

"User must change password at next logon" not working in OWA
Hello. I have an Exchange 2003 SP2 environment and when we create a new AD account and check the option for "User must change password at next logon", users that access their account initally via OWA cannot log in. They do cannot log in. The standard OWA error is displayed: You could not be logged on to Outlook Web Access. Make sure your domain\user name and password are correct, and then try again. If the change password on first login is disabled, users can login in without any issues. The strange thing is that the Change Password function through OWA works, because afte...

OWA And User Must Change Password at next logon
Eric, I'm currently working on an issue with Exchange 2003, OWA, and changing passwords. I found a thread on the microsoft.public.exchange.admin newsgroup that you started back in 2004 with the same issue. It states: "If we reset a password on an user account with the option that the user must change the password at the next logon, the end user is not allowed to logon through the OWA with the reset password. The server is Windows 2003/exchange 2003. Has anyone run into this before? -- Eric Sabo NT Administrator" You mention in a subsequent thread that ...

OWA & "User must change password at next logon"
Current Environment: Running EX2K3(SP2), and using OWA as the ONLY option to get e-mail; using certificates (https:\\owa.domain.com\exchange) & forms based Authentication. Problem: I create a NEW user in AD; e-mail enable it, and select "User must change password at next logon". Now when the user tries to log in (VIA OWA) s/he is not prompted to change the password / it won't even log them in. It use to work with our old exchange 2000 environment, where it gave them the opportunity to change the password at sign on. Answer: ? There is one property in MetaBase: ...