I am running Exchange 2007 Standard on a Windows Server 2003 R2 (x64)
Standard server. I have both the OS and the Exchange Server running
smoothly. I have setup my server in "hosting mode" as it will have several
different companies on it. That part is working well. What I am having
trouble with is the change password functionality when the user has the "User
must change password at next logon" checked. This creates a problem for new
users or users who let thier password expire. I have created a VBScript that
will e-mail users when thier password is about to expire, it doesn't help me
for new users.
I have done the following:
1) Expanded the IISPWCHG.DLL from the AMD64 directory
(http://support.microsoft.com/kb/932439/en-us)
2) Setup the IISADMPWD virtual directory
(http://support.microsoft.com/kb/297121/)
3) Changed the application pool for the IISADMPWD directory to the
MSExchangeOWAApPool application pool
4) Performed an IISRESET and rebooted the server
The SECURITY event log of the server sees the login correctly (I am using
the User's Principle Name) but gives me a hard time about the fact the
password must be change.
Event Type: Failure Audit
Event Source: Security
Event Category: Logon/Logoff
Event ID: 535
Date: 8/9/2007
Time: 1:48:13 PM
User: NT AUTHORITY\SYSTEM
Computer: 1STACEX01
Description:
Logon Failure:
Reason: The specified account's password has expired
User Name: user@mydomain.net
Domain:
Logon Type: 8
Logon Process: Advapi
Authentication Package: Negotiate
Workstation Name: 1STACEX01
Caller User Name: 1STACEX01$
Caller Domain: mydomain
Caller Logon ID: (0x0,0x3E7)
Caller Process ID: 4584
Transited Services: -
Source Network Address: 192.168.1.169
Source Port: 51375
I used to use this method ALL the time in Exchange 2003 for offsite users,
especially sales people. I need some help getting this functionality back.
Any ideas?