Change password at next logon in Exchange 2010 SP1
For those Exchange admins out there, most have made plans or at least are looking into upgrading their Exchange 2010 RTM environments to SP1.ย The SP1 upgrade has many great improvements over the RTM version.ย The feature list from Microsoft can be foundย here: https://technet.microsoft.com/en-us/library/ff459257.aspx
One feature I want to mention in this post is something administrators have been asking for, maybe even begging for a long time – The ability to flag passwords to change at next logon and have Exchange handle it internally without the need for hacks to IIS and the addition of the IISADMPWD virtual directory and so on and so forth.ย All of us who have administered Exchange environments have had this headache forever.ย Also, depending on your service pack level on Exchange 2007 and if you were running Exchange 2010 RTM, the IISADMPWD just simply doesn’t work in certain configurations.
With the upgrade to SP1 you can simply set a registry key on the CAS server(s) in your environment and you are all set!ย That simple!
Ok so here it is straight from Microsoft’s site:ย https://msdn.microsoft.com/en-us/library/bb684904.aspx
- Log on to the Client Access server.
- Start Registry Editor (regedit).
- Locate the following registry subkey: HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\MSExchange OWA.
- Create the following DWORD value if it doesn’t already exist: ChangeExpiredPasswordEnabled. The value type will be REG_DWORD.
- Set the value of ChangeExpiredPasswordEnabled to 1.
- Exit Registry Editor.
Once you have made the changes to the system registry of your CAS server(s), you simply need to restart IIS:
iisreset /noforce