The following procedure will allow an expired password to be changed on Exchange 2007 SP3 and Exchange 2010 SP1 Client Access servers:
- On the Exchange (CAS), click Start > Run and type regedit.exe and click OK.
- Navigate to HKLM\SYSTEM\CurrentControlSet\Services\MSExchange OWA.
- Right click the MSExchange OWA key and click New > DWord (32-bit).
- The DWORD value name is ChangeExpiredPasswordEnabled and set the value to 1.
- After you configure this DWORD value, you must reset IIS. The recommended method to reset IIS is to use IISReset /noforce from a command prompt.
After the above steps have been completed, you will now notice if you have set the “User must change password at next logon” flag, you will now be prompted for a password change when logging into OWA as seen below.