Exchange 2010 SP1 Password Reset Problem

Question
-
Following this:
We found that after going in and requiring a user to change their password and setting it to something else, the user could still log in with their old password with no problem, and no prompt. When they entered the password we reset it to, it then prompted for a new password.
Is it standard behavior to still allow the old password to authenticate even when the password has been changed and the must change password trigger has been set? If so, wtf?
Wednesday, February 1, 2012 5:53 PM
Answers
-
Hi Dest,
In this case, you may notice a 15-minute period during which the user can log on to their mailbox by using either the old password or the new password. However, if the user uses a MAPI client (such as Microsoft Outlook) to access the mailbox or if the user tries to access other files and resources, the user is authenticated only if they use the new password.
This latency exists by design for Internet Information Services (IIS) performance reasons and is controlled by the following registry setting.
Thanks.
Rowen
TechNet Community Support
- Marked as answer by Dest Thursday, February 2, 2012 6:36 PM
Thursday, February 2, 2012 3:15 AM -
Try the links below and see if it resolves your problem.
http://support.microsoft.com/kb/267568
http://www.exchange-genie.com/2010/07/exchange-2007-and-exchange-2010-password-change-feature/
Girishp
- Marked as answer by Dest Thursday, February 2, 2012 6:36 PM
Thursday, February 2, 2012 10:41 AM
All replies
-
Sounds like poor replication.
The old password shouldn't work after it has been changed, but if there are replication delays, then the old password may well still be valid on another domain controller.
Simon.
Simon Butler, Exchange MVP
Blog | Exchange Resources | In the UK? Hire Me.
Wednesday, February 1, 2012 9:41 PM -
I don't believe it to be poor replication, especially with how small our domain is. Thank you for the links and explanations.
Thursday, February 2, 2012 6:37 PM