Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Change password with OWA

Posted on 2011-03-01
17
Medium Priority
?
604 Views
Last Modified: 2012-08-13
Hi All,

Im running Exchange 2010

Some of my mobile users are trying to change password over OWA but it will not let them change. Saying that minimal requirements have not been met even tho password entered are really complex.

Thanks
0
Comment
Question by:aucklandnz
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 8
  • 7
  • 2
17 Comments
 
LVL 13

Expert Comment

by:AustinComputerLabs
ID: 35014095
What version of server?
Were these users migrated from an older version since they last set their password?
0
 
LVL 3

Author Comment

by:aucklandnz
ID: 35014103
Version 14.1 (build 218.15) yes the user was migrated from exchange 2007

thanks
0
 
LVL 13

Expert Comment

by:AustinComputerLabs
ID: 35014130
The Migration will allow passwords that do not meet the requirements but if you change it must meet the folllowing:

•Passwords cannot contain the user’s account name or parts of the user’s full name that exceed two consecutive characters.
•Passwords must be at least six characters in length.
•Passwords must contain characters from three of the following four categories:

1.English uppercase characters (A through Z).
2.English lowercase characters (a through z).
3.Base 10 digits (0 through 9).
4.Non-alphabetic characters (for example, !, $, #, %).
0
Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

 
LVL 3

Author Comment

by:aucklandnz
ID: 35014139
the user was able to change the password while connected to domain, i have  enforce complex password policy in GP and still cannot change
0
 
LVL 13

Expert Comment

by:AustinComputerLabs
ID: 35014187
Do you have an SSL cert for that installation?
0
 
LVL 3

Author Comment

by:aucklandnz
ID: 35014193
yes
0
 
LVL 13

Accepted Solution

by:
AustinComputerLabs earned 2000 total points
ID: 35014209
Check the Minimum Password Age setting in the Domain GPO. If you do not enable a minimum password age then OWA will not let you change the password.

You need to Enable the Minimum Password Age setting and set it to 0 or higher for the Change Password feature of OWA to work.
0
 
LVL 3

Author Comment

by:aucklandnz
ID: 35014253
Minimum Password Age setting in the Domain GPO is set to 28
0
 
LVL 13

Expert Comment

by:AustinComputerLabs
ID: 35014267
Try 0 as a test, and see if that changes the behavior. I had one set to 7 that did not work until I changed it to 0 (which is like disabling that requirement).
0
 
LVL 13

Expert Comment

by:AustinComputerLabs
ID: 35014273
Minimum Password Age  determines the period of time (in days) that a password must be used before the user can change it. You can set a value between 1 and 998 days, or you can allow changes immediately by setting the number of days to 0.

0
 
LVL 7

Expert Comment

by:FemSteenkamp
ID: 35014921
i think AustinComputerLabs: found the problems

outlook nearly always returns the one generic error about complexity if for any reasons the passwords cannot be updated. i think this is deliberate so that the return message does not return information that hackers can use to gues password and usernames.

the minimum password age just looks at whent he password was last changed ( it doesnt matter if it was teh uers or an admin doing a reset) and will not allow the password to be changed for the duration. checking the  box "user must change password at next logon" will overide this setting but has other problems if users dont log on to a domain with their workstations (i.e. only using AD for outlook authentication.
0
 
LVL 13

Expert Comment

by:AustinComputerLabs
ID: 35033503
Did you solve this or do you need more assistance?
0
 
LVL 3

Author Comment

by:aucklandnz
ID: 35033550
I'm off till Monday. I will make the change on Monday and post the result.

Thanks for all your comments
0
 
LVL 3

Author Comment

by:aucklandnz
ID: 35076520
hi,

I have change it but still cannot change the password

thanks
0
 
LVL 13

Expert Comment

by:AustinComputerLabs
ID: 35076536
You set the Minimum Password Age setting to 0 and then ran gpupdate /force?
0
 
LVL 3

Author Comment

by:aucklandnz
ID: 35077577
yes. Minimum and Maximum to 0, with gpupdate /force

I have edit Default Group Policy at the top level just to make sure
0
 
LVL 7

Expert Comment

by:FemSteenkamp
ID: 35108081
just some more info.

1) you can always RESET a password from the MMC, regardless  of the policy settings.
  just note that this ALSO bypass password history check etc. the ONLY thing that password reset (as opposed to change) look at is that it must meet length and complexity requirements
2) clicking the "user must change pasword at next logon" overides the policy about password age and alow the user to change the password.

0

Featured Post

Is Your AD Toolbox Looking More Like a Toybox?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article lists the top 5 free OST to PST Converter Tools. These tools save a lot of time for users when they want to convert OST to PST after their exchange server is no longer available or some other critical issue with exchange server or impor…
I don't pretend to be an expert at this, but I have found a few things that are useful. I hope that sharing them here will help others, so they will not have to face some rather hard choices. Since I felt this to be a topic of enough importance and…
In this video we show how to create a mailbox database in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Servers >> Data…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
Suggested Courses

660 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question