locked
Password reset for the respective OU in the remote Domain Controller using RPC over HTTP (MS Outlook 2007) and OWA. RRS feed

  • Question

  • Environment Information

     

    Main Site:

     

    Main HQ - Domain Controller with users in OU for each company – hosting mail services for 20 companies

     

    ·         Windows 2003 64Bit SP2

    ·         Exchange 2007 Enterprise with SP2 – All the nodes.

    o   2 HUB Server

    o   2 CAS Servers

    o   2 Mailbox – Veritas Cluster

     

     

    Remote Site:  20 companies outside the main domain with their own domain controller.

     

    Different Domains (without any trust relationship), using HQ Domain Controller for authentication for E-Mails (users using OWA and Microsoft Outlook using RPC over HTTP).

     

     Users (One of the OU in the main site) – around 400 plus users.

     

    -          Access mails over OWA

    -          Access Mails using Outlook 2007 – RPC over HTTP

     

     

    Problem

     

    -          Users are provided with default password to access the mail and users does not change the same, security breach for the people who can guess the usernames.

     

    Expected Outcome

     

    -          Enable password change using OWA and Microsoft Outlook 2007

    -          Password expiry for the users in the respective OU

     

    Password reset for the respective OU in the remote Domain Controller using RPC over HTTP (MS Outlook 2007) and OWA.

     

    Sunday, July 31, 2011 11:50 AM

Answers

  • Resetting Password using OWA:

    Have you tried to configure/enable this feature? On http://www.ucblogs.net/blogs/exchange/archive/2010/11/08/Password-Reset-Feature-in-Exchange-2007-and-2010.aspx you will get a step-by-step guide.

    Password Policy for diffrent Organisational Units

    This article describes the procedure how to create a new password policy that works for a organizational unit http://technet.microsoft.com/en-us/library/cc770394(WS.10).aspx

     

     

     


    regards Thomas Paetzold visit my blog on: http://sus42.wordpress.com
    • Marked as answer by Gavin-Zhang Wednesday, August 3, 2011 8:33 AM
    Sunday, July 31, 2011 7:49 PM
  • in this case it isn´t possible to use Outlook to change the password.becasuse users are authenticated in the resourcedomain but want to change the password of their local domain. In this case Windows will give the user a hint and prompts for a password chnage of the useraccount registered in the local domain.

    This feature you don´t have to switch on because it is switched on by default.

     

     


    regards Thomas Paetzold visit my blog on: http://sus42.wordpress.com
    • Marked as answer by Gavin-Zhang Wednesday, August 3, 2011 8:33 AM
    Tuesday, August 2, 2011 6:51 PM

All replies

  • Resetting Password using OWA:

    Have you tried to configure/enable this feature? On http://www.ucblogs.net/blogs/exchange/archive/2010/11/08/Password-Reset-Feature-in-Exchange-2007-and-2010.aspx you will get a step-by-step guide.

    Password Policy for diffrent Organisational Units

    This article describes the procedure how to create a new password policy that works for a organizational unit http://technet.microsoft.com/en-us/library/cc770394(WS.10).aspx

     

     

     


    regards Thomas Paetzold visit my blog on: http://sus42.wordpress.com
    • Marked as answer by Gavin-Zhang Wednesday, August 3, 2011 8:33 AM
    Sunday, July 31, 2011 7:49 PM
  • Thanks Peddy for the inputs, how do we handle the password reset for the people using Microsoft Outlook 2007/ 2010 for the password - how does it prompts for the change in password as the users are not logging into the resource domain and using local domain for the authentications.

    Cheers, Vasu

    Tuesday, August 2, 2011 8:57 AM
  • in this case it isn´t possible to use Outlook to change the password.becasuse users are authenticated in the resourcedomain but want to change the password of their local domain. In this case Windows will give the user a hint and prompts for a password chnage of the useraccount registered in the local domain.

    This feature you don´t have to switch on because it is switched on by default.

     

     


    regards Thomas Paetzold visit my blog on: http://sus42.wordpress.com
    • Marked as answer by Gavin-Zhang Wednesday, August 3, 2011 8:33 AM
    Tuesday, August 2, 2011 6:51 PM