Users can't change password trough OWA for Exchange 2010

exchange exchange-2010 password outlook-web-app security

28,988

Solution 1

We had a similar issue. It was solved by setting the "Minimum password age" to 0 days.

Setting it to 1 day will prevent users from modifying their password if it is less than a day old, meaning that if it was just reset or changed for testing purposes, you will have to wait 24 hours to change it again.

Leave the complexity requirements as is, and set the minimum password age to 0 and try again.

Solution 2

I'd suspect the users AREN'T meeting the minimum security requirements if they are receiving that message. I wouldn't be surprised if the issue was with the Complexity Requirements being enabled. As per Technet:

Passwords must meet complexity requirements determines whether password complexity is enforced. If this setting is enabled, user passwords meet the following requirements:

The password is at least six characters long.
The password contains characters from at least three of the following:
    English uppercase characters (A - Z)
    English lowercase characters (a - z)
    Base 10 digits (0 - 9)
    Non-alphanumeric (For example: !, $, #, or %)
    Unicode characters
The password does not contain three or more characters from the
    user's account name.

I'd say try disabling the Complexity Requirements to test again.

28,988

Rémy Roux

Updated on September 18, 2022

Comments

Rémy Roux over 1 year
Here's our problem, users who want to change their password trough OWA get this error "The password you entered doesn't meet the minimum security requirements.", even if users are respecting the minimum security requirements.

With these settings, we have the error:
```
Enforced password history                          1 passwords remembered
Maximum password age                               185 days 
Minimum password age                               1 day
Minimum password length                            7 characters
Password must meet complexity requirements         enabled
```
With these test settings, we don't have an error:
```
Enforced password history                          not defined
Maximum password age                               not defined 
Minimum password age                               not defined
Minimum password length                            not defined
Password must meet complexity requirements         not defined
```
People can change their password but there is no more security!

Just changing one parameter of the GPO for example "Enforced password history", brings back this error.

Here's our server configuration :
```
Windows Server 2008 R2

Exchange Server 2010 
Version: 14.00.0722.000
```
If anybody has a clue it would very helpful !
- Giordano Ferrari over 12 years
  
  Version: 14.0 is pre-SP1 correct? I believe that this is a bug SP1 fixes.
- Rémy Roux over 12 years
  
  We were not referring to expired passwords. Even if the password is valid it cannot be changed. We still get a "The password you entered doesn't meet the minimum security requirements."
Rémy Roux over 12 years

The user has entered the minimum security required. When we type the password in OWA the error appears, but no error with the same password typed in Active Directory. We have already tested with Complexity Requirements disabled.