Category Archives: 13196

Fix for OWA always uses Light Mode for some users

This article explains the difference between OWA Light Mode and Premium Mode and why some users may only see the Light Mode client, even though they haven’t selected it at logon.
Exchange 2007 Outlook Web Access and Exchange 2010 Outlook Web App offer two different modes for viewing OWA – Premium Mode, with all the bells and whistles that Internet Explorer can muster, and Light Mode, which provides fewer features and is sometimes faster.  You would usually use the Light client if you are on a slow connection or using a computer with unusually strict browser security settings.
If you are using a browser other than Internet Explorer 6 or later for OWA 2007, you can only use the Light client.  OWA 2010 supports the full Outlook Web App experience (aka Premium Mode) on Internet Explorer 7 and some other browsers on Windows, Mac, and Linux computers.  To check out all the supported browsers and operating systems for OWA 2010, click here.

Here’s a comparison between the Outlook Web Access 2007 Light and Premium clients:

And here’s a comparison between the Outlook Web App 2010 Light and Premiun clients:
Normally, users will default to use the Premium Mode client if they are using IE6 or better for OWA 2007 or IE7 or better for OWA 2010.  However, you may hear complaints from some users that they always get the Light Mode client, regardless of whether they selected to use it or not when they logged in.  This happens if the user selected to use “the blind and low vision experience” when logging into OWA for the first time.
To disable this mode and allow IE to use the Premium Mode, have the user login to OWA and open Options in the upper right corner.  Then select Accessibility and clear the checkbox for Use the blind and low vision experience, as shown below.
Now have the user sign out of OWA and sign back in.  They should be using OWA Premium Mode, providing they are using a supported browser.

The New Exchange 2007 SP3 Password Reset Tool

Exchange Server 2007 Service Pack 3 includes a handy new web page that allows users to change their password before logging into Outlook Web Access (OWA).

Previously, new users who are required to change their password at next logon or users whose password has expired cannot log on to OWA.  They will get the less than helpful error from the OWA, “The user name or password that you entered is not valid. Try entering it again”, as shown below:


In order to logon to OWA, the user must logon to the network, enter their old password and the new password.  Obviously, this causes problems for remote users whose password has expired or for new users who must change their password before logging in for the first time.

Exchange 2007 SP3 introduces a new SSL web page for these users that allows the user to change their password outside of OWA.  The page tells the user, “Your password has expired and you must change it prior to signing in to Microsoft Outlook Web Access.”


Once the user changes their password, the page redirects the user back to OWA.

This new functionality is not enabled by default, since some organizations do not allow password changes from outside the internal network.  To enable it:

  • Logon to the CAS with administrator rights
  • Run Regedit and navigate to HLKM\SYSTEM\CurrentControlSet\services\MSExchange OWA
  • Create a new DWORD (32-bit) Value called ChangeExpiredPasswordEnabled
  • Assign the ChangeExpiredPasswordEnabled value: 1
  • Restart IIS using IISRESET /NOFORCE from the command line

Surprisingly, this functionality does not exist in Exchange Server 2010 (or the SP1 beta).  I hope Microsoft decides to implement this when Exchange 2010 SP1 is finally released.  It’s a pretty handy feature!

How to add a "Log On Again" button to the Exchange 2007 OWA Log Off page

Note: Click here to view how to add the Sign In Again button to Exchange Server 2010.

By default when you click “Log Off” in OWA 2007, Exchange 2007 directs you to a page that explains that you have successfully logged off from Outlook Web Access.  The only button available, “Close Window“, closes the existing browser window or tab.  This article explains how to add a “Log On Again” button to the logoff.aspx page, as shown below:

To add the Log On Again button, follow these steps on each Exchange 2007 Client Access Server (CAS):

  • Logon to the CAS using a local Administrator account.
  • Using Windows Explorer, navigate to the  %ProgramFiles%\Microsoft\Exchange Server\ClientAccess\Owa\auth folder and make a copy of the logoff.aspx file for backup.
  • Edit the logoff.aspx file using Notepad.
  • Use Find to search for the word logoffclose.  In Exchange 2007 SP2 this will be line 115.
  • Insert the following code before this line, as a single line:

<input id=”btnCls” type=”submit” class=”btn” title=”Click here to log on again” value=”Log On Again” onclick=”window.navigate(‘‘)” onmouseover=”this.className=’btnOnMseOvr'” onmouseout=”this.className=’btn'” onmousedown=”this.className=’btnOnMseDwn'”>

  • Edit the line above to use your company’s URL for OWA. 
  • Save the logoff.aspx file.
  • Copy the new logoff.aspx file to the same file path on all your CAS servers.

Remember that applying any Exchange 2007 Service Pack or Update Rollup to your CAS servers will overwrite the changes you made, so create a copy of the edited logoff.aspx file to reapply the Logon Again button after the update.  Also know that Service Packs and Update Rollups could possibly include changes to the logoff.aspx page, so you may need to follow these steps again to edit the new page included in the update.

How to Configure Change Password for OWA 2003/2007/2010 Mixed Environments

The Change Password feature in OWA will break when you reconfigure the environment to use Exchange 2007 or Exchange 2010 CAS servers as front-end servers for Exchange 2003 mailbox servers.  This is because the the CAS server don’t have the necessary ASP pages installed that OWA 2003 links to.

telnetPORT25 wrote a great article explaining the step-by-step process, along with screenshots, to fix this problem.  I’m listing the high-level steps here (mainly to act as my long-term memory).

  • Logon to the Exchange 2007/2010 CAS server
  • Copy the %SystemRoot%\System32\inetsrv\iisadmpwd folder and files from the OWA 2003 FE server to the CAS server’s %SystemRoot%\System32\inetsrv folder
  • Open IIS Manager and add a new Virtual Directory off the Default Web Site named IISADMPWD with a physical path of %SystemRoot%\System32\inetsrv\iisadmpwd
  • Right-click the new IISADMPWD virtual directory and select Convert to Application
  • Select the MSExchangeOWAAppPool
  • Restart IIS (iisreset /noforce or select the server in IIS Manager and click Restart)