Password Change through OWA
In order to allow a user to change their password through OWA we first have to enable SSL on the OWA server. As you can see we have already accomplished that. The next step requires us to create a virtual directory in Internet Services Manager. The virtual directory is called Iisadmpwd and points to a physical directory located on the Exchange box at C:\winnt\system32\inetserv\iisadmpwd. Figure 16 shows us the beginning steps to creating the Virtual directory.
Make certain to point the Virtual Directory at the physical drive location discussed previously. As you go through the Create Virtual Directory Wizard, be certain to only allow Read and Script Access check boxes. By default, these should be the only two boxes selected. Finally, go into the properties of the Iisadmpwd folder and ensure that anonymous access is selected. There can be other authentication options selected as well, but this one is critical to the success of the venture. If it isn’t enabled, a user whose password has expired will not be able to get in to change their password. See Q275457 for more information relating to this particular setting. One last thing to finish now. Open up a command prompt and change to the c:\inetpub\adminscripts directory. At the command prompt, you will want to type the following command, exactly as you see it here: adsutil.vbs set w3svc/passwordchangeflags 0 Note that there is no space between w3svc/passwordchangeflags. Be aware that you may initially get a prompt that indicates that the current script engine isn’t capable of handling the request and asks you if you want to change the script engine. Select yes and you should receive verification that the command completed successfully. Now that we have finished this we can go into our OWA client to verify that a user can change their domain password from within OWA. As you can see from Figure 17, I have connected to my mailbox using OWA and gone to the options shortcut. You should notice that it is still using a secure connection!