Hi you all.the last 2 days i am spending my time sorting this problem out.I followed lots of Kb's and other resources but none of them result in a solution for me.I have 2 windows 2003 mailservers withSP2 and exchange 2003 on them.Its a front-end back-end configuration, with on the front-end OWA enabled.We also configured SSL and FBA.Users are able to change the password through OWA without any problems.But when you are forced to change the password by AD you wil get an 403forbidden error right after you entered the new password and hit enter.So you can login fine, you will get the "you have to change your password" screen and you are able to put in new credentials, right after that it all goes wrong and a 403 forbidden page pops up.i followed http://technet.microsoft.com/en-us/library/bb684904.aspxand http://support.microsoft.com/default.aspx/kb/833734also using domainname\username in the user field doesn't change anythingand i am sure these settings are correct:-"Active Server Pages" under the web service extensions is Allowed -Set the ChangepasswordFlags to 0 -Enable SSL on IISADMPWD virtual directory -regsvr32 c:\windows\system32\inetsrv\iisadmpwd\iispwchg.dll users report this from inside and outside the lan..Really don't know what to do anymore,i know it must have something to do with the way users authenticate in IIS but just can't get it to work!

Check info: 1. The issue only happens when forces the password change in the ADUC, right? The change works when the password has expired, or users manually change the password in OWA? 2. Has the force password change ever worked before? 3. Is there any error event in the application log on the exchange server when the issue occurred? Troubleshooting: 1. Please disable password changing and expiration notification cscript.exe adsutil.vbs set w3svc/passwordchangeflags 6 2. Where do you set the passwordchangeflags to 0? If the value above doesnt work either, please you may need to also enter the following cscript adsutil.vbs set w3svc/<identifier>/PasswordChangeFlags 0 3. You will also want to configure the IISADMPWD virtual directory to run in ExchangeApplicationPool 4. Please enable the IIS log and reproduce the issue, see if theres any relevant error info 5. Please see the Troubleshooting section in KB 297121 Resources:"HTTP Error 403" Error Message When Password Changed with OWA or Iisadmpwd The PasswordChangeFlags metabase property may be set to 6 in IIS 6James Luo TechNet Subscriber Support (http://technet.microsoft.com/en-us/subscriptions/ms788697.aspx) If you have any feedback on our support, please contact tngfb@microsoft.com

any update?James Luo TechNet Subscriber Support (http://technet.microsoft.com/en-us/subscriptions/ms788697.aspx) If you have any feedback on our support, please contact tngfb@microsoft.com

Excuse me been away unexptectly for a while.the update:1.yes thats true2.no.3.No, no error event is logged in the event viewer.Troubleshooting update:1. done, doesn't do anything (this is set on the frontend server)2. done, doesn't change anything3.This was allready the case.4. log allready enabed, no infoboth links already tried..no succes.

Hi All.. This is my first post here.. Has the above issue resolved some how? I am having this issue on Windows 2003 R2 SP2/Exchange 2003 SP2.. Any help would be hihly appreciated.. Thank you all