How to Block Change Password for Specific Exchange Users

Posted on IT Expert By IT Expert No Comments on How to Block Change Password for Specific Exchange Users
Block Change Password

in this article, we shall discuss how to Block Change Password for Specific Exchange Users. The above feature is handy and probably used as a security policy in certain companies to prevent AD password resets over the Internet (although SSL certificates encrypt all communication. You might have a case in which you want to block the change password feature within OWA, but not for all users. In that case, you need to change a few settings on the Exchange 2013 server. Please see how to disable Password Change for all Exchange Server Users, and how to perform Password Change with OWA.

Block Change Password for Specific Exchange Users

To do this, create a new custom OWA security policy. Link the new custom OWA security policy to a mailbox / multiple mailboxes.

Here’s how to achieve this: From within the Exchange Admin Center, go to Permissions / Outlook Web App Policies.

Observe the existing default policy; upon opening its properties, you’ll find all OWA security features enabled by default.

Now let’s create a new policy by clicking on the plus sign (+) icon.
- Let’s give it a descriptive name of Block Change Password. 
- Remove the flag from the Change Password feature here, and save the policy.

Apply this new policy to a single mailbox

In the next step, we will apply this new policy to a single mailbox as follows. Navigate to Recipients, then choose the desired mailbox. Apply the policy to the selected individual. In the right pane, go to Email Connectivity.

Select View Details. You will notice the field is empty, meaning the default policy gets applied. Click Browse… and select the new custom Block Password Change policy.

When logging into OWA for that specific mailbox user, you will notice the change password setting is not available anymore.

Also, see How to change your password in Outlook Web Access, how to block the Change Password Feature for All Users via the Exchange Administrative Center, and how to allow Password change for specific users in Exchange Server.

Apply this new policy to multiple mailbox users

In the last step, we will apply this new policy to multiple mailbox users as follows:
– Navigate to Recipients, then choose multiple mailbox users to apply the policy to.
– In the right pane, go to Outlook Web App.
-Select Assign a policy. This will open the Bulk assign Outlook Web App window.

Notice the field is empty, actually meaning the default policy gets applied. Click Browse and select the new custom Block Password Change policy we created earlier.

Now when your mailbox users go to log in to OWA, they will notice the change password setting is not available anymore.

I hope you found this blog post helpful on how to Block Change Password for Specific Exchange Users. If you have any questions, please let me know in the comment session.

Rate this post
Network | Monitoring Tags:

Related Posts

More Related Articles

descargar jitsi meet 2 700x336 1 How to setup and configure Jitsi as SoftPhone Network | Monitoring
enable or disable WinRM How to enable or disable WinRM via the command-line Network | Monitoring
azure resource groups 1 Setup Public Load Balancer in Azure AWS/Azure/OpenShift
Encapsulationset to Auto Error – Command rejected: An interface whose trunk encapsulation is “Auto” can not be configured to “trunk” mode Network | Monitoring
Access Synology Remotely How to create a Tailscale VPN connection to Synology NAS Backup
vmwarefrsd4 CVE-2021-31693: VMware Tools for Windows update addresses a denial-of-service vulnerability Network | Monitoring

Leave a Reply