Learn Exchange Server 2000: Setting Up Outlook Web Access to Use SSL Page 4

Password Change Through OWA

To allow users to change their passwords through OWA we first have to enable SSL on the OWA server. As you can see we have already accomplished that. The next step requires us to create a virtual directory in Internet Services Manager. The virtual directory is called Iisadmpwd and points to a physical directory located on the Exchange box at C:\winnt\system32\inetserv\iisadmpwd. Figure 16 shows us the beginning steps to creating the Virtual Directory.

Figure 16

Make certain to point the Virtual Directory at the physical drive location discussed previously. As you go through the Create Virtual Directory Wizard, be certain to allow only Read and Script Access check boxes. By default, these should be the only two boxes selected. Finally, go into the properties of the Iisadmpwd folder and ensure that anonymous access is selected. There can be other authentication options selected as well, but this one is critical to the success of the venture. If it isn't enabled, a user whose password has expired will not be able to get in to change their password. See Q275457 for more information relating to this particular setting.

One final thing to finish now. Open up a command prompt and change to the c:\inetpub\adminscripts directory. At the command prompt, type the following command, exactly as you see it here: adsutil.vbs set w3svc/passwordchangeflags 0

Note that there is no space between w3svc/passwordchangeflags. Be aware that you may initially get a prompt that indicates that the current script engine isn't capable of handling the request and asks you if you want to change the script engine. Select yes, and you should receive verification that the command completed successfully. Now that we have finished this we can go into our OWA client to verify that users can change their domain password from within OWA.

As illustrated in Figure 17, I have connected to my mailbox using OWA and gone to the options shortcut. Note that it is still using a secure connection!

Figure 17

When you click on the change password button, you should see the dialog box that is Figure 18.

Figure 18

Now we just have to fill in the information requested in Figure 19. The articles specify that the username must be specified in the Domain\Username format, as you can see that I have done.

Figure 19

In my case I am using Exchange 2000 SP3. When I got to this point I simply specified the appropriate information as required by the dialog box, and it worked. It actually didn't work when I tried to use the Domain\username setting as specified in some of the Q articles that I had read. You will want to test this setting based on the SP that you are using and educate your users appropriately.

That wraps it up for this week. I do want to point out three articles that I found to be extremely useful in performing these tasks. I would recommend that you review them prior to attempting to configure any of the above functions.

  • Q320291 explains how to configure OWA for SSL
  • Q279681 to configure OWA so that SSL was required
  • Q267596 shows us how to use the password change functionality within OWA and IIS

This article was originally published on Dec 28, 2002
Page 4 of 4

Thanks for your registration, follow us on our social networks to keep up-to-date