So, there I was busily working on some of the final configuration elements of my CAS setup when I receive a Helpdesk (or ticket) from a customer suggesting that they can no longer change their password via OWA 2003 Interface.

Although considering the time scales that I have been working to – this perhaps might have been a minor problem (as our SLA does not cover Password changes via the OWA Interface) but this bugged me a little bit so I decided to have a look.

Essentially as we are mid migration I have a number of customers who’s mailboxes still reside on Exchange 2003, however, I have already removed my existing Exchange 2003 FES (Front End Servers) and replaced them with Windows 2008, Exchange 2007 SP1 Client Access Servers.

When one of my Exchange 2003 based people logon to OWA and try to change their password  via [OPTIONS] – see below;

Then from the OWA options screen which appears in the right hand window select [Change Password] – see below;

They are presented with the following error (where the usual change password box would appear):

As you can see from the above – the error that is produced is from the IIS 7 web service running on my Windows 2008 CAS server, and it also suggest that the files or indeed the directory that contains the file to perform the password reset are not present.

This was indeed a bit of a “slap head” moment (whilst screaming “DOH!!!!“) as although my previous Windows 2003 based FES had the IISADMPWD directory enabled my CAS servers which are running on Windows 2008  do not.

“Never Fear” I thought, I’ll just have a quick look around the web and find out how to enable to IISADMPWD feature in IIS 7 – I found nothing, nada, zip, bupkiss – bugger.

I sat there for a little bit scratched my head then thought “What if I copy over the IISADMPWD file from the old FES to the IIS CAS” – this seemed like a crazy but logical idea so:

Before I began I ran the serverManagerCMD -q command on my Windows 2008, Exchange 2007 CAS to review the IIS components that were installed (in view that this actually worked I the following are the installed components within my installation):

[X] Web Server (IIS)  [Web-Server]
    [X] Web Server  [Web-WebServer]
        [X] Common HTTP Features  [Web-Common-Http]
            [X] Static Content  [Web-Static-Content]
            [X] Default Document  [Web-Default-Doc]
            [X] Directory Browsing  [Web-Dir-Browsing]
            [X] HTTP Errors  [Web-Http-Errors]
            [X] HTTP Redirection  [Web-Http-Redirect]
        [X] Application Development  [Web-App-Dev]
            [X] ASP.NET  [Web-Asp-Net]
            [X] .NET Extensibility  [Web-Net-Ext]
            [X] ASP  [Web-ASP]
            [ ] CGI  [Web-CGI]
            [X] ISAPI Extensions  [Web-ISAPI-Ext]
            [X] ISAPI Filters  [Web-ISAPI-Filter]
            [ ] Server Side Includes  [Web-Includes]
        [X] Health and Diagnostics  [Web-Health]
            [X] HTTP Logging  [Web-Http-Logging]
            [X] Logging Tools  [Web-Log-Libraries]
            [X] Request Monitor  [Web-Request-Monitor]
            [X] Tracing  [Web-Http-Tracing]

[X] Security  [Web-Security]
            [X] Basic Authentication  [Web-Basic-Auth]
            [X] Windows Authentication  [Web-Windows-Auth]
            [X] Digest Authentication  [Web-Digest-Auth]
            [X] Client Certificate Mapping Authentication  [Web-Client-Auth]

[X] Management Tools  [Web-Mgmt-Tools]
        [X] IIS Management Console  [Web-Mgmt-Console]
        [X] IIS 6 Management Compatibility  [Web-Mgmt-Compat]
            [X] IIS 6 Metabase Compatibility  [Web-Metabase]
            [X] IIS 6 Management Console  [Web-Lgcy-Mgmt-Console]

I decided that the installed components above should be enough to support the functionality of the original change password components so on my Windows 2008 Exchange 2007 CAS server I navigated to [c:\windows\system32\inetsrv] and created a directory called “IISADMPWD” – see below;

From my old Exchange 2003 Front End Server (FES) I copied the contents (all the ASP files) of the [ C:\Windows\System32\Inetsrv\ ] directory to the new directory on my Windows 2008 CAS (see above for the directory) - see below for the contents as it should look on your Windows 2008 CAS;

I then jumped into the IIS 7 Administration tool on my Windows 2008 CAS [ START-> Programs -> Administrative Tools -> Internet Information Services (IIS) Manager ] and expanded [ <Server Name> -> Sites ] here I right clicked with my mouse on the Default Web Site and then from the context menu that appeared I choose the “Add Virtual Directory Option” – see below;

Within the dialog box that opened I provided the following information (if you are following this you ensure your settings correspond to the following – when done click on the “OK” button;

After clicking on the “OK” button I was returned to the IIS 7 main interface – where I could now see my new IISADMPWD virtual directory – I right clicked on the new virtual directory entry and from the context menu that appear I chose “Convert to Application” option - see below;

From the dialog box that appeared I chose the “Select Button” located next to the “Application Pool” data section - see below;

From the dialog that appeared from the drop down menu entitled “Application Pool” I choose the “MSExchangeOWAAppPool” option and then clicked on the “OK” button and then “OK” again which returned me to the main IIS 7 admin screen – see below;

From the right hand tree node in the IIS manager I selected my new “IISADMPWD” application directory which changed the main window to display the configurable options – under the IIS section I double clicked on the “Authentication” option – see below;

This changed the main window to look like the following example – here I ensured that the only form of Authentication selected was “BASIC” – see below;

From here I ensured that all settings had been applied – I then reset the IIS services [ Start -> RUN - > IISRESET /noforce ] and then retried accessing the change password feature via the OWA 2003 mailbox via my CAS server which worked – see below;

I ran through the change password process which worked perfectly – cool.

I hope this helps someone along the way.

---

Possibly related posts: (automatically generated)

• Exporting Existing SSL OWA Certificates from Exchange 2003 FES to Exchange …