Question : OWA 2007 Password Change Working with ISA 2006 When it Should Not.

I have a Uni-Homed NLB pair of ISA 2006 Enterprise servers on the DMZ. We are using LDAP authentication to our DC's with the Global Catalog option selected. We had an enterprise certificate authority at one point but have decommissioned it and removed all certs to the best of our ability. The "Allow users to change their passwords" is not checked on the Web Listener.

I am wondering why my users can change their password using OWA. Based on what I've read it should be impossible without LDAPS. Am I missing something here? I am concerned that there may be an improper configuration of these servers and a security issue.

Answer : OWA 2007 Password Change Working with ISA 2006 When it Should Not.

You will need to disable it in Exchange as well the ISA function is different to the Exchange one see here for how: http://technet.microsoft.com/en-us/library/bb684904(EXCHG.80).aspx

Random Solutions

Feature ID not registered

Count records in dataset

VBA - Access/Excel: Scrolling through files in folder, and archiving

Why don't I have access?

Does Office 2003 SP3 include SP1 and SP2 ?

Help! Why are my desktop icons changing to "no program" icon?

Disable 'create profile' enquiry in Windows 7

the certificate is invalid for exchange server usage

Cisco VPN client on VISTA

.NET MySQL question