Thursday, November 29, 2012

Password change option also available in RD Web Access on Windows Server 2008 R2

A while back I posted about one of the new features on RD Web Access in Windows Server 2012: an option to change your password by using RD Web Access.
http://microsoftplatform.blogspot.nl/2012/03/rds-in-win8-feature-highlight-no_12.html

It seems that this option can also be made available on RD Web Access based on Windows Server 2008 R2.The option is not there by default but can be enabled by running a patch on your RD Web Access server.

Remember that the password change feature can be accessed by opening the password.aspx page, so for example https://<ServerName>/RDWeb/Pages/en-US/password.aspx. On a RD Web Access server running Windows Server 2008 R2 this file is not there be default.

image

The patch that creates the necessary files is:
http://support.microsoft.com/kb/2648402

Note that the KB Article does not really mention the fact that the password change option is also added. It’s actually related to fix a different, although somewhat related, issue.

The KB Article does however mention the passwords.aspx file.

image

After installing the patch (and a reboot that is required) the password.aspx file is created.

image

To enable the option we need to set a variable in IIS (the same as with RD Web Access Windows Server 2012).

image

After that, we’re able to browse to the password.aspx file and successfully change a password.

image

image

Thanks goes out to Alexey Astashin for pointing this out to me and updating the TechNet Wiki.http://social.technet.microsoft.com/wiki/contents/articles/10755.enabling-the-rd-webaccess-expired-password-reset-option-in-windows-server-2012.aspx

13 comments:

  1. This is amazing! Thanks for finding this, it fixes an issue we've been dealing with for years!

    ReplyDelete
  2. Hi Steve,

    Glad you liked I, thanks for the feedback!

    ReplyDelete
  3. Fills an obvious gap. Thanks for the heads-up.

    ReplyDelete
  4. This is amazing. It will be better if domain\username is auto fill for you when you login site. ? do you have any ideal for it ???

    ReplyDelete
    Replies
    1. You have to work with IIS Authentication to manage this.

      Delete
  5. This comment has been removed by a blog administrator.

    ReplyDelete
    Replies
    1. Great. Now if people ever need to buy a key randomly whilst searching for 2008 RDWeb password resets, they can. In fact, I'm getting the urge to go shopping online for keys right now. Thank god for you.

      Delete
  6. I have set everything as described, getting an invitation to change password, but the change is failing with the following message: "The user name or password that you entered is not valid. Try typing it again." The password change form is reset to empty again. I am using new compliant passwords. I am using correct current credentials. Password change is allowed on the account.

    ReplyDelete
  7. I've followed these steps but after attempting to change a password I get this message, "Your password cannot be changed. Please contact your administrator for assistance."

    I've reviewed this article: https://support.microsoft.com/en-us/kb/2793072 and have the hotfixes references installed.

    My lingering question is this: Is a domain required for this to work?

    ReplyDelete
    Replies
    1. Yes, I believe an AD domain would be required.

      Delete
  8. I've installed the hotfix, but the password.aspx file is still missing and nothing seems to have been updated. I've rebooted and uninstalled and reinstalled the patch and still nothing. Am running Windows Server 2008 R2 Standard [ver 6.1 (build 7601 SP1]. Both session host and web roles installed. It's a mystery!

    ReplyDelete
  9. I have a Windows 2008 R2 RDWeb server, To have the link permanent on the login page do you have to edit the login.aspx file as you did for the Windows 2012 R2 login.aspx? If so what line you add the Password Reset Utility?

    ReplyDelete
  10. I'm agree with your writing. I've already enabled as your tips.

    ReplyDelete