Change Expired Password in OWA

Home > Exchange 2010

Introduction

With Exchange 2010 SP1, the new functionality of being able to change an expired password was introduced. This is the same functionality that enforced "User must change their password at next logon".

With this functionality enabled, a network administrator can reset a user's password, then have the user login and immediately select their own secure password. Ideal for remote users who only access email by OWA.

However it is not enabled by default and requires a registry change. This change must be made on all Client Access Servers.

Registry Change

Copy this text in to a notepad file, then save it with the .reg extension. On the server itself, right click on it and choose Merge.

Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\MSExchange OWA] "ChangeExpiredPasswordEnabled"=dword:00000001

For the change to take full effect, you will need to run iisreset on the server. This will kick out existing OWA users.

Exchange 2010