Allow password change from the RDWEB interface


You are in a full rds environment or almost and you want your users to change their password even from outside your network.

You have an infrastructure of the type:

  • x remote session host server(s)
  • 1 broker server
  • 1 RDS gateway
  • 1 access to RDWEB


Case 1: People outside the company when their password is expired it is impossible to log on.

Case 2: Users working on thin clients can not log in anymore because their password is expired.

Case 3: Users are working on off-domain positions.

Cause: The connections are blocked because of the authentication method, it is the broker server that first established this one and if the password is expired the connection fails.


The solution lies in the RDWEB service where the user will be allowed to change their password.

At least step 1 is sufficient, when a user has his password expired, simply log on to the RDWEB page to be invited to change password.

Step 1: Allow password change

First you have to activate the possibility of changing the password.

You have to change the application options on the IIS server.


Step 2: Allow password change at any time

To allow users to change their password whenever they want, you must add a link to the password change page.

You must modify the login.aspx file that is the RD WEB Access server in the following location: C: \ Windows \ Web \ RDWeb \ Pages \ en-US

Open the login.aspx file with a Notepad ++ type editor as administrator.

Look for the following lines:

 <tr id="trPasswordExpiredNoChange" <%=strErrorMessageRowStyle%> >
                    <td height="20">&#160;</td>
                    <td><span class="wrng"><%=L_PasswordExpiredNoChange_Text%></span></td>

And add after:

     <td align="right">
	<a href="password.aspx" title="Changer votre mot de passe">Cliquer ici</a> pour changer votre de passe.

Now on the login page, there should be a new link

By clicking on the link, users will arrive on the following form:

Now your users can change their password whenever they want and everywhere.

In addition to this article I invite you to read this one that will allow you to alert users of the expiration of their password at logon.



Related Posts

SOPHOS XG: clientless access
Clientless access presentation Client-free access to Sophos XG firewalls allows connections to corporate servers without a VPN client by going directly through an internet browser as Citrix does. Clientless access configure Firewall configuration 1.

How to deploy a rds farm Windows 2012R2/2016/2019
In this article, I will explain the step-by-step roll-out of a Windows 2012 R2 / 2016 RDS farm with the following features: Remote Desktop Session Host (x2) Service broker for distribution of connections Setting up a collection; Publishing RemoteApp

RDS Farm: High Availability Service Broker Configuration
As a follow-up to the article: Deploy a RDS Windows 2012 R2 / 2016/2019 farm, we will see in this tutorial how to configure the high availability service broker. This configuration is optimized for clients use as address of connection to the RDS serv

Leave a Comment