Expired Passwords and Exchange Server 2007 Service Pack 3

Share this:

Hi folks,

One of the cool features of Exchange Server 2007 Service Pack 3 is the ability to allow end-users to change their expired passwords using Outlook Web Access.

Basically, when you have a user configured with the option User must change password at next logon, then the user won’t be able to access OWA right away because it is required to change its password first. However enabling that new feature from Service Pack 3 the user will receive the following page where he is able to change his password.

After changing the password the user will be able to log on OWA without any issues.

By default that

It’s a straight forward process, just open Regedit on the Client Acces Server and go to the following key:

HKEY_LOCAL_MACHINESYSTEMCurrentControlSetservicesMSExchange OWA

Then, add a new DWORD (32-bit value) called ChangeExpiredPasswordEnabled and change the value to 1

Finally, we need to restart the IIS, we can use the IISReset /noforce and that’s it.

If you don’t want to perform the previous steps, you can use a really simple script that I created for that purpose, check this out: http://msmvps.com/blogs/andersonpatricio/pages/script-enableowapwd-ps1.aspx


Anderson Patricio



Twitter: @apatricio

Written by Anderson Patricio

Anderson Patricio is a Canadian Exchange Server MVP and MCSM (Solutions Master) and he contributes to the Microsoft Community with articles, tutorials, blog posts, forums and book reviews. He is a regular contributor at MSExchange.org, ITPROCentral.com and AndersonPatricio.org (Portuguese).