Outlook Web App users are unable to reset their passwords within OWA

New Contributor

We are having issues where many of our Outlook Web App users are unable to reset their passwords within OWA. (Options -> General -> My Account -> Change your password). When they try they receive the windows where they are able to type in the new password, but when they choose “Save” they get the following error:

 

"There was a problem saving your changes. Please try again. If the problem continues, contact support".

 

It has nothing to do with password security or password history as those give the correct error: "The password you entered doesn’t meet the minimum security requirements”. And it is not affecting all users - for example I was able to change my password using that feature, but the majority of users cannot.

 

We are using on-prem Exchange Server 2016, Version 15.1, build 1913.5 on Windows 2016 servers, build 14393.3474. We have three servers.

 

I tried some experiments to see if anything would allow a password change:

 

  • Users are able to change their password if passwords have expired and the user is prompted on the home page of OWA.
  • I am able to change the password for a test account on one of the Exchange servers using https://localhost/owa and then Options -> General -> My Account -> Change your password.
  • I am able to change the password for a test account in a browser using the public IP address for OWA in place of our URL, i.e. https://xxx.xxx.xxx.xxx/owa versus https://domainname/owa

These same test accounts threw the error when using the URL. I do not see anything in the event logs.

 

This is a huge concern for us as about two thirds of our users primarily use OWA and would prefer to change their passwords before they expire.  I don’t know if this is an Exchange error or an IIS error or even a certificate error. The certificate is current and was renewed recently (November 2019).

 

I opened a support case 2 days ago with Microsoft and have not received a response (different issue). Does anyone have any ideas?

1 Reply

the problem turned out to be that the users had "lost" their OWA policy in Exchange. Reapplying the OWA policy under permissions fixed the issue.