Mobility has really caught on recently and everybody wants in. This can be using that new smart phone to check your email to working from home. This is great technology it has unchained us from “the office”, but it can have it’s frustrations as well. For example, how do end-users that don’t frequently make it to the office change their password when the time comes?
This was asked of me recently. Now of course I am aware that you can change your password using OWA after a successful logon, but that doesn’t help if you need to update your password before logging on. A client wanted to create accounts and using OWA change the password on first logon so that the end-user was not required to travel to the office to perform this task. At first I didn’t think it was possible, but after some digging around, I ran into this site that actually provided documentation on allowing just that.
As I read through the article I realized that to enable this functionality it takes only a single registry key change. Below is the excerpt from the site that provides the details of how to accomplish this.
To enable this feature you will need to modify the registry on the Exchange server which runs the CAS role and reset IIS.
NOTE: You need to make the registry modification on all CAS servers, if you have more than one in your environment.
- Log onto the Exchange server with the CAS role
- Open regedit and navigate to
- Create a new DWORD with the name of ChangeExpiredPasswordEnabled and value of 1
- Reset IIS by opening the command prompt (As Administrator) and running:
- Now users will now be prompted to change their password from the OWA logon prompt (shown below)
Now if everything goes as planned, the end-user will then see the following indicating a successful password change. Finally they will have to log back on using the new credentials.