It has been possible to change passwords via OWA for some time now. What is new, however, is the option to change expired passwords via OWA. The prerequisite for this is Exchange 2010 with Service Pack 1 or Exchange 2007 with Service Pack 3 on Server 2008.
To be able to use the new feature, a DWord (32Bit) must be entered in the registry of the CAS server:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\MSExchange OWA]
"ChangeExpiredPasswordEnabled"=dword:00000001
After you have added this entry, you only need to restart the IIS. This can be done with the following command from the command line or Powershell:
iisreset /noforce
If a user's password has now expired, they will see the following screen when logging in to OWA:
The user must note that they cannot enter their e-mail address in the "User name" field, but must select the format "Domain\User name".
