Solved

OWA expired password does not warn or redirect users.

Posted on 2007-03-20
8
2,255 Views
Last Modified: 2008-05-31
We are using Windows 2003 SP1 Native and Exchange 2003 SP2.
The user in question has a genuine expired password. Our password expire every 90 days and I have been waiting to see if the OWA redirect and warnings would work.
I have a about 600 users that only use OWA. 3 months ago we enforced a password policy to expire passwords every 90 days. Well, I wanted to make sure the users will have the ability to know when thier password expires and change it.
OWA works fine as far as checking email goes. I also enabled the "change password" option so user can change thier password. Nothing else seems to work as far as warning the user with a "password about to expire message" or redirecting them to a change password page when their password had expired.

I would like to fix this. Any ideas?
Thanks
0
Comment
Question by:jasonlkennedy
8 Comments
 
LVL 39

Accepted Solution

by:
redseatechnologies earned 500 total points
ID: 18759705
This is a problem with OWA only users - the solution I have seen is to email out reminders (automatically) about expiring password.

This was from a search (but not free)
http://www.sysoptools.com/

There was another one that I thought I had saved somewhere, but cannot find it now :/

-red
0
 
LVL 1

Author Comment

by:jasonlkennedy
ID: 18759727
I seen PEWA, but was informed by others about how the other built in solutions should have worked. especially the redirect if someone logs into OWA and thier password has expired.

Thanks
0
 
LVL 39

Expert Comment

by:redseatechnologies
ID: 18759792
I don't know who has told you that because I am pretty much certain it doesn't work.

The problem is, when it is set to "user must change password at next logon" the account is expired - windows allows for this, but IE (and therefore OWA) does not.

This is a relatively common problem, and we avoid it by getting users to change their passwords manually and before the expiry time
0
Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

 
LVL 10

Expert Comment

by:MATTHEW_L
ID: 18760251
You can try the following script located in the inetput\adminscript directory

cscript adsutil.vbs set w3svc/1/ROOT/exchangfe/PasswordExpirePreNotifyDays 10
0
 
LVL 10

Expert Comment

by:MATTHEW_L
ID: 18760254
Also as red said once it is expired they wont be able to do anything through OWA, but if you get the banner warning working then they can change it before it expires.
0
 
LVL 10

Expert Comment

by:MATTHEW_L
ID: 18760270
0
 
LVL 22

Expert Comment

by:kristinaw
ID: 19217632
I've heard a rumor that a kb will be released describing this issue and the fix for it.

kris.
0
 
LVL 10

Expert Comment

by:MATTHEW_L
ID: 19221746
You could also create a custon asp script for something like this, like a password reset site.
0

Featured Post

Gigs: Get Your Project Delivered by an Expert

Select from freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely and get projects done right.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
This article lists the top 5 free OST to PST Converter Tools. These tools save a lot of time for users when they want to convert OST to PST after their exchange server is no longer available or some other critical issue with exchange server or impor…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…

813 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now