Monday, April 10, 2017

How to Enable Password Change feature in Exchange 2010 OWA

How to Enable Password Change feature in Exchange 2010 OWA

Recently I received requests from clients asking is there any option to enable the password change feature in OWA. This topic discusses how to setup configuration to make it.

Before we go-ahead and setup, we need to understand about the password policy settings implied with OWA Password change features.

There are three types of account policies in Windows Active Directory.

  • Account Password Policy.
  • Account Lockout Policy.
  • Kerberos authentication policy.
Account Password and Account Lockout Policy will be applied at default domain policy levels, which applied to OWA users as well.

We also need to understand about the password security policy level and these policy's will be applied once account enabled for Mail.

  • Password Complexity.
  • Password History.
  • Minimum password length.
  • Minimum password age.
  • Maximum password age

Exchange 2010 OWA includes a feature to allow users to change their passwords, but by default it’s disabled. You need to enable it.
  1. Log into your Exchange CAS machine (the OWA server). In a single Exchange environment, this is just your Exchange server. In a more complex setup, you will have a server(s) dedicated for CAS.
    1. Open regedit.
    2. Go to HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesMSExchange OWA
    3. Create the DWORD key ChangeExpiredPasswordEnabled
    4. Set ChangeExpiredPasswordEnabled to 1
    5. Reboot the CAS server.

Thanks for Visiting. Keep watch for the further updates!