Tip: Improve Exchange Security by Requiring Users to Change Passwords

Group Policy settings typically require users to periodically change their passwords. Sometimes, you may have to ensure that a user changes her password the next time she logs on. For example, if you have to reset a user’s password and you give him the password over the phone, you may want the user to change the password the next time he logs on.

You can set a user account to require the password to be changed on next logon by completing the following steps:
1. In Exchange Management Console, expand the Recipient Configuration node and then select the related Mailbox node.
2. Double-click the mailbox entry for the user with which you want to work.
3. On the Account tab, select the User Must Change Password At Next Logon check box. Click OK.

Tips RSS Feed

Subscribe to the TechNet Magazine Tips RSS feed.

You can also use the Set-User cmdlet in the Exchange Management Shell to perform the same task, like so:
Syntax

Set-User -Identity 'UserIdentity'
-ResetPasswordOnNextLogon <$false|$true>

Usage

SetUser -Identity 'Frank Lee' -ResetPasswordOnNextLogon $true

From the Microsoft Press book Microsoft Exchange Server 2007 Administrator’s Pocket Consultant, Second Edition by William R. Stanek.

Looking for More Tips?

For more Exchange Server tips, visit the TechNet Magazine Exchange Server 2007 Tips page.

For more Tips on other products, visit the TechNet Magazine Tips index.