Configuring and changing password is one of the important tasks in securing an IT environment. At times, users do forget their passwords, or maybe the password is not strong enough, or the password is to be changed every month, so a password change is required by the user. Users can easily change password by themselves via OWA settings page. Or, Administrator can also reset user password from EAC console. So, you might find it difficult to reset user password in Exchange 2013 using EAC console.
Reset User Password in Exchange 2013
In Exchange Server 2013, user mailbox password can be changed by user from the user’s own OWA (Outlook Web Access) settings page or by an administrator from EAC (Exchange Admin Center). Changing password from user’s OWA setting is fairly easy. But if you want to reset password of particular user from EAC then you may not find the password reset option in the web console as you can see below.
This is because default Administrator user don’t have the permission to reset the password of the mailbox user account in default installation of Exchange 2013. Don’t know why Microsoft didn’t put this option by default. So we have to add the permission manually. To do so, open EAC and log in with Administrator user account. Click permissions in feature pane. Click admin roles tab. Here, you can see list of default role groups.
The Organization Management role group contains almost all the roles required except the reset password feature. By default, only Administrator is member of this group. So we need to add reset password role to the Organization Management role group. Now double-click Organization Management role group. You will see following page.
In the above page, click the Add button under Roles. A new page will pop up showing the list of all the roles available as seen below.
Select Reset Password role. You can see the description of this role in the right pane shown above. Click add button to add the role and then click OK. Now click save to save the settings. Log out from administrator user and log back in. If you are successful then read the next paragraph. But, if you get error, “You don’t have access to create, change, or remove the “Reset Password-Organization Management” management role assignment. You must be assigned a delegating role assignment to the management role or its parent in the hierarchy without a scope restriction”. Then type following commands in Exchange Management Shell to re-install the RBAC roles. After running the following commands exit EMS and open again. Similarly, log out and log in to EAC as well. Now try adding the reset password role to the role group Organization Management again.[PS] C:\Windows\system32> Add-pssnapin microsoft* [PS] C:\Windows\system32> Install-CannedRbacRoles [PS] C:\Windows\system32> Install-CannedRbacRoleAssignments
Click the recipients feature pane. Click mailboxes tab. Double-click the mailbox to open the properties. You can now see reset password option in the general tab.
So this is how you give yourself privilege to reset the password of any user mailbox account in your Exchange environment.