Friday , August 7 2020

Exchange 2013 – OWA Password Expired – Requiring DOMAIN\Username

When a user’s password expires and they login to OWA, the system allows them to change the password. However, Exchange 2013 OWA requires them to use the format ‘DOMAIN\username’.

UPN authentication isn’t supported yet in Exchange 2013 OWA.

  • When can’t expect the users to remember the domain name (unnecessary increase in support calls).
  • We can’t expect the users to remember the Hosted domain name in a hosted environment.

In Exchange 2013 OWA when the UPN Is changed. User reset will happen in the below format.

DomainName\user@tenant1.com

As you know , when the logon format is “User Principal Name” the Domain\user name field is not populated by Exchange automatically.

This article will explain how to over come this situation by doing a autofill – when your login format is set to username or UPN  by customizing the fexppw.js file in OWA Folder.

Location of the file – “C:\Program Files\Microsoft\Exchange Server\V15\FrontEnd\HttpProxy\owa\auth\XXX\scripts\premium”

Lets see my below example for better understanding –

My Root Domain name is testcareexchange.biz

my customer domain name is peppy.com

image

See my Users UPN (Userprincipalname) and Primarysmtp address

below mailbox is on testcareexchange.biz domain

image

Now lets see how resetting password at next logon works

“Your password has expired and you need to change it before you sign in to Outlook Web App”

Domainname\user@domain.local

In my case it is

Testcareexchang\user@peppy.com

image

Your password has been changed. Click OK to sign in with your new password.

Seriously , We can’t expect the users to remember this format . Which is going to increase the support calls for password resets on expiry. Especially users not joined in the domain and in a hosted environment.

Only way to overcome this issue is to do a autofil this domain\username details.

lets see how to do it.

Locate the file from below location – fexppw.js
Location of the file – “C:\Program Files\Microsoft\Exchange Server\V15\FrontEnd\HttpProxy\owa\auth\XXX\scripts\premium”

Make sure OWA Virtual directory is set to

Use forms-based authentication Logon format:User principal name (UPN)

image

Take a backup of the below file –

image

Add the below line – in the else statement as shown below.

No IISreset required after the below change. Clear your browser cache and check.

gbid(“username”).value = “TESTCAREEXCHANG\\” + rg[3];

image

Once Changed. SAVE the file. Clear browser cache . check now.

As shown below .It should autofill.

image image

What if your are using ?

Use forms-based authentication Logon format:User name only

image

REPLACE the below line – in the If statement as shown below.

No IISreset required after the below change. Clear your browser cache and check.

gbid("username").value = "TESTCAREEXCHANG\\" + rg[3];

image

Happy Customization.

NOTE ++++ THIS CUSOMIZATION IS NOT SUPPORTED BY MICROSOFT ++++++

++++++++++ANY UPDATES FROM MICROSOFT IS GOING TO REPLACE THIS SETTING AND YOU NEED TO REDO THIS CUSTOMIZATION +++++++

About Satheshwaran Manoharan

Satheshwaran Manoharan is an Microsoft Office Server and Services MVP , Publisher of Azure365pro.com. Specialized in Office365 / Microsoft Exchange / Virtualization , Sathesh is an Messaging Expert supporting/Designing/Deploying many medium size businesses to large enterprises when it comes to Corporate messaging and Virtualization Infrastructure

Check Also

Migration Endpoint Fails with Connection Exception

Solution –  Make sure Outlook Anywhere succeeds with test account. Make sure you enter the …

4 comments

  1. I was unsuccessful. please help.

  2. We are not able to change the password through OWA in Exchange server 2013?

  3. Hi

    I tried the above. It seems that the rg return NULL and there is no cookie for the username.
    the gbid command also does not seems working because if we do
    gbid(“username”).value = “abc\\”

    It does not seems to take effect as well. I confirmed that the script was actually executed as I was able to get a popup alert in the last if loop.

    thanks
    Lim

Leave a Reply

Your email address will not be published.