Solved

OWA expired password does not warn or redirect users.

Posted on 2007-03-20
8
2,260 Views
Last Modified: 2008-05-31
We are using Windows 2003 SP1 Native and Exchange 2003 SP2.
The user in question has a genuine expired password. Our password expire every 90 days and I have been waiting to see if the OWA redirect and warnings would work.
I have a about 600 users that only use OWA. 3 months ago we enforced a password policy to expire passwords every 90 days. Well, I wanted to make sure the users will have the ability to know when thier password expires and change it.
OWA works fine as far as checking email goes. I also enabled the "change password" option so user can change thier password. Nothing else seems to work as far as warning the user with a "password about to expire message" or redirecting them to a change password page when their password had expired.

I would like to fix this. Any ideas?
Thanks
0
Comment
Question by:jasonlkennedy
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
8 Comments
 
LVL 39

Accepted Solution

by:
redseatechnologies earned 500 total points
ID: 18759705
This is a problem with OWA only users - the solution I have seen is to email out reminders (automatically) about expiring password.

This was from a search (but not free)
http://www.sysoptools.com/

There was another one that I thought I had saved somewhere, but cannot find it now :/

-red
0
 
LVL 1

Author Comment

by:jasonlkennedy
ID: 18759727
I seen PEWA, but was informed by others about how the other built in solutions should have worked. especially the redirect if someone logs into OWA and thier password has expired.

Thanks
0
 
LVL 39

Expert Comment

by:redseatechnologies
ID: 18759792
I don't know who has told you that because I am pretty much certain it doesn't work.

The problem is, when it is set to "user must change password at next logon" the account is expired - windows allows for this, but IE (and therefore OWA) does not.

This is a relatively common problem, and we avoid it by getting users to change their passwords manually and before the expiry time
0
Optimize your web performance

What's in the eBook?
- Full list of reasons for poor performance
- Ultimate measures to speed things up
- Primary web monitoring types
- KPIs you should be monitoring in order to increase your ROI

 
LVL 10

Expert Comment

by:MATTHEW_L
ID: 18760251
You can try the following script located in the inetput\adminscript directory

cscript adsutil.vbs set w3svc/1/ROOT/exchangfe/PasswordExpirePreNotifyDays 10
0
 
LVL 10

Expert Comment

by:MATTHEW_L
ID: 18760254
Also as red said once it is expired they wont be able to do anything through OWA, but if you get the banner warning working then they can change it before it expires.
0
 
LVL 10

Expert Comment

by:MATTHEW_L
ID: 18760270
0
 
LVL 22

Expert Comment

by:kristinaw
ID: 19217632
I've heard a rumor that a kb will be released describing this issue and the fix for it.

kris.
0
 
LVL 10

Expert Comment

by:MATTHEW_L
ID: 19221746
You could also create a custon asp script for something like this, like a password reset site.
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Uncontrolled local administrators groups within any organization pose a huge security risk. Because these groups are locally managed it becomes difficult to audit and maintain them.
After seeing many questions for JRNL_WRAP_ERROR for replication failure, I thought it would be useful to write this article.
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to: http://www.codetwo.com/excha…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Suggested Courses

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question