Exchange 2010 Password Change Period

Exchange 2010 Password Change Period

Problem description:

========================

In the exchange 2010 SP2 environment, the "Password Never Expires" option in the user attribute is checked and the password validity period definition is canceled in the Group Policy, after the system has been applied for two months, the OWA user cannot log on normally, prompting that the user name or password is incorrect. After using EMC to reset the user password, the user can log on to OWA normally. How can this problem be caused.

 

Problem Analysis:

========================

Generally, when the user's password is about to expire, the system will prompt that the user's password is about to expire. If the password is not changed in time before expiration, OWA will not be able to log on, and will only receive a message indicating that the password is incorrect. It will not prompt that the user's password has expired, nor can it be changed through OWA.

 

Solution:

========================

1. When this problem occurs, it means that the "Password Never Expires" setting does not take effect completely, and OWA does not notify the user of password expiration in time.

2. When the notification password expires, it involves a key value named "changeexpiredpasswordenabled" in the Registry accessed by the client on the server.

We can refer to the following official Microsoft documents:

Configure the "Change Password" function in Outlook Web app

Http://technet.microsoft.com/zh-cn/library/bb684904.aspx

1) log on to the client to access the server.

2). Start the Registry Editor (Regedit ).

3). Search for the subitem in the *** table: HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Services \ msexchange

OWA.

4). Create the following DWORD Value (if this value does not exist): "changeexpiredpasswordenabled ". Value Type

It is "REG_DWORD ".

5) set the value of "changeexpiredpasswordenabled" to "1 ".

6). Exit the Registry Editor.

 

3. After the password is set, if the password is about to expire, OWA will always prompt the user. Generally, the system starts to notify you 14 days before the password expires, and 14 days is the default value, which can be modified in the Group Policy. Based on this function, we can also determine whether the "Password Never Expires" takes effect. Because if the password never expires and takes effect, the password will not expire.

 

4. in addition, to determine whether the "Password Never Expires" takes effect, we can also use the problematic account to log in to the domain. If the password expires, the system will prompt us to change the password and change the password through domain login.

 

5. We can use "Active Directory users and computers" to set the user's attribute to "password neverexpires" so that the user's password will never expire. Generally, after we select this option for the user, the system will not prompt the user's password expiration information. We recommend that you restore the definition of the password validity period.

 

6. You can refer to the following link:

Password principles GPO Problems

Http://social.technet.microsoft.com/Forums/zh-TW/windowsserver2008zhcht/thread/85732629-e741-4838-aed4-f24fee68b913/

This article is from the blog "nonit learning miscellaneous", please be sure to keep this http://xinuo.blog.51cto.com/4584681/1439943

Exchange 2010 Password Change Period