Have you read this http://technet.microsoft.com/en-us/library/bb684904.aspx ? I didn't read it completely, but it is mentioning on it your case "users with the password already expired or with the user must change at next logon selected", let me know if that works, so I can implement it :) Regards Diego R. Pietruszka MIS - Shift Manager MSC (USA) - Interlink Transport Technologies Direct Phone: (908)605-4147 From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Andrew Hodgson Sent: Wednesday, July 22, 2009 8:28 AM To: isalist@xxxxxxxxxxxxx Subject: [isalist] Re: ISA 2006, Outlook anywhere, and passwords Hi, That was what we originally suggested to them to use, however, they never did this, and I wanted to know whether there was a way of replicating the sequence if a password had expired and the user logged into a workstation, the user would get the change password now prompt. Also, it causes a security issue where we can't force the user to change the password at next login, as even though we tell them to use OWA, they never do once the helpdesk reset their password to a known value. Thanks. Andrew. Andrew Hodgson Senior Systems Administrator/Projects Engineer Direct Line Tel: 01432 852332 Email: andrew.hodgson@xxxxxxxxxx Please do not print this email unless absolutely necessary. From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of D PIETRUSZKA USWRN INTERLINK INFRA SHIFT MGR Sent: 22 July 2009 12:45 To: isalist@xxxxxxxxxxxxx Subject: [isalist] Re: ISA 2006, Outlook anywhere, and passwords Well, OWA have a change password option, why they don't use that? Of course when the password is expired you are late, but they can change it before that at any time and from any IE. Regards Diego R. Pietruszka MIS - Shift Manager MSC (USA) - Interlink Transport Technologies Direct Phone: (908)605-4147 From: isalist-bounce@xxxxxxxxxxxxx [mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Andrew Hodgson Sent: Wednesday, July 22, 2009 7:09 AM To: isalist@xxxxxxxxxxxxx Subject: [isalist] ISA 2006, Outlook anywhere, and passwords Hi, We have ISA 2006 and a password policy which expires passwords on x number of days. We are finding that we have several users with Outlook Anywhere using plain authentication (not NTLM), and they are out of the office most of the time. When these users have expired passwords, they can't log onto Outlook Anywhere, and when they try to log into OWA, this fails as well (it actually fails on the ISA box itself). Is there any way to provide these users with a mechanism to change their passwords externally every so often through a feature in ISA? Thanks. Andrew. Andrew Hodgson Senior Systems Administrator/Projects Engineer Direct Line Tel: 01432 852332 Email: andrew.hodgson@xxxxxxxxxx Please do not print this email unless absolutely necessary. [cid:image001.gif@01CA0AA8.95CFAF80] allpay achieved PCI DSS and ISO 27001 certification in 2008 Registered in England No. 02933191. UK VAT Reg. No. 666 9148 88. Telephone: 0844 225 5729, Fax: 0844 557 8350. Website: www.allpay.net Email: enquiries@xxxxxxxxxx<mailto:enquiries@xxxxxxxxxx> This email, and any files transmitted with it, is confidential and intended solely for the use of the individual or entity to whom it is addressed. If you have received this email in error please notify the allpay Information Security Manager at the number above.