Applies to: Exchange Server 2007 SP3
Topic Last Modified: 2010-03-29

This topic explains how to use Registry Editor to enable the Microsoft Exchange Server 2007 Password Reset Tool.

Microsoft Office Outlook Web Access (OWA) includes a feature to let users change their passwords. However, this feature requires that users log on to OWA to change their passwords. In a scenario in which a user password has expired, or in which users have to change their passwords when they first log on, users cannot log on to OWA to access the password change feature. In earlier versions of Microsoft Exchange , an administrator could configure the IISADMPWD Web application to help users. To do this, the administrator could direct users who had expired passwords to an anonymously-accessible Web page to reset their passwords. IISADMPWD is not available in Windows Server 2008. Therefore, the password reset functionality may be unavailable for Exchange 2007 users in a Windows Server 2008-based environment.

Exchange 2007 SP3 adds a new feature to the Client Access server (CAS) role. This feature creates a new Internet Information Services (IIS) 7 module that detects expired passwords, and redirects users to a new change password page. By default, this feature is disabled. To enable the password reset feature, you must set a registry key.

To enable the password reset feature
  1. Log on to the Exchange server that is running the CAS role by using an account that has local administrator rights.

  2. Start Registry Editor, and then locate the following registry subkey:

    HLKM\SYSTEM\CurrentControlSet\Services\MSExchange OWA

  3. Create the following DWORD value if it does not already exist:

    Value name: ChangeExpiredPasswordEnabledValue type: REG_DWORDValue data: 1

  4. Exit Registry Editor.

The password reset functionality is enabled when ChangeExpiredPasswordEnabled is set to a nonzero (0) value. If this registry value is missing or is set to a value of zero, the password reset functionality is disabled.