Change password with OWA

Hi All,

Im running Exchange 2010

Some of my mobile users are trying to change password over OWA but it will not let them change. Saying that minimal requirements have not been met even tho password entered are really complex.

Thanks
LVL 3
aucklandnzAsked:
Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

x
 
AustinComputerLabsConnect With a Mentor Commented:
Check the Minimum Password Age setting in the Domain GPO. If you do not enable a minimum password age then OWA will not let you change the password.

You need to Enable the Minimum Password Age setting and set it to 0 or higher for the Change Password feature of OWA to work.
0
 
AustinComputerLabsCommented:
What version of server?
Were these users migrated from an older version since they last set their password?
0
 
aucklandnzAuthor Commented:
Version 14.1 (build 218.15) yes the user was migrated from exchange 2007

thanks
0
Easily manage email signatures in Office 365

Managing email signatures in Office 365 can be a challenging task if you don't have the right tool. CodeTwo Email Signatures for Office 365 will help you implement a unified email signature look, no matter what email client is used by users. Test it for free!

 
AustinComputerLabsCommented:
The Migration will allow passwords that do not meet the requirements but if you change it must meet the folllowing:

•Passwords cannot contain the user’s account name or parts of the user’s full name that exceed two consecutive characters.
•Passwords must be at least six characters in length.
•Passwords must contain characters from three of the following four categories:

1.English uppercase characters (A through Z).
2.English lowercase characters (a through z).
3.Base 10 digits (0 through 9).
4.Non-alphabetic characters (for example, !, $, #, %).
0
 
aucklandnzAuthor Commented:
the user was able to change the password while connected to domain, i have  enforce complex password policy in GP and still cannot change
0
 
AustinComputerLabsCommented:
Do you have an SSL cert for that installation?
0
 
aucklandnzAuthor Commented:
yes
0
 
aucklandnzAuthor Commented:
Minimum Password Age setting in the Domain GPO is set to 28
0
 
AustinComputerLabsCommented:
Try 0 as a test, and see if that changes the behavior. I had one set to 7 that did not work until I changed it to 0 (which is like disabling that requirement).
0
 
AustinComputerLabsCommented:
Minimum Password Age  determines the period of time (in days) that a password must be used before the user can change it. You can set a value between 1 and 998 days, or you can allow changes immediately by setting the number of days to 0.

0
 
FemSteenkampCommented:
i think AustinComputerLabs: found the problems

outlook nearly always returns the one generic error about complexity if for any reasons the passwords cannot be updated. i think this is deliberate so that the return message does not return information that hackers can use to gues password and usernames.

the minimum password age just looks at whent he password was last changed ( it doesnt matter if it was teh uers or an admin doing a reset) and will not allow the password to be changed for the duration. checking the  box "user must change password at next logon" will overide this setting but has other problems if users dont log on to a domain with their workstations (i.e. only using AD for outlook authentication.
0
 
AustinComputerLabsCommented:
Did you solve this or do you need more assistance?
0
 
aucklandnzAuthor Commented:
I'm off till Monday. I will make the change on Monday and post the result.

Thanks for all your comments
0
 
aucklandnzAuthor Commented:
hi,

I have change it but still cannot change the password

thanks
0
 
AustinComputerLabsCommented:
You set the Minimum Password Age setting to 0 and then ran gpupdate /force?
0
 
aucklandnzAuthor Commented:
yes. Minimum and Maximum to 0, with gpupdate /force

I have edit Default Group Policy at the top level just to make sure
0
 
FemSteenkampCommented:
just some more info.

1) you can always RESET a password from the MMC, regardless  of the policy settings.
  just note that this ALSO bypass password history check etc. the ONLY thing that password reset (as opposed to change) look at is that it must meet length and complexity requirements
2) clicking the "user must change pasword at next logon" overides the policy about password age and alow the user to change the password.

0
All Courses

From novice to tech pro — start learning today.