Article ID: 315579 - View products that this article applies to.
This article was previously published under Q315579
We strongly recommend that all users upgrade to Microsoft Internet Information Services (IIS) version 7.0 running on Microsoft Windows Server 2008. IIS 7.0 significantly increases Web infrastructure security. For more information about IIS security-related topics, visit the following Microsoft Web site:
http://www.microsoft.com/technet/security/prodtech/IIS.mspxFor more information about IIS 7.0, visit the following Microsoft Web site:
When you attempt to change a password in Outlook Web Access (OWA) or browse one of the .htr files directly, or if you try to execute a Common Gateway Interface (CGI), Internet Server Application Programming Interface (ISAPI), or other executable program from a directory that does not allow programs to be executed, you may receive the following error message in the Web browser:
HTTP Error 403
403.1 Forbidden: Execute Access Forbidden
The Iisadmpwd virtual directory in the Internet Service Manager does not have script permissions.
To resolve this problem, follow these steps:
IIS 4.0 includes the capability that allows a Microsoft Windows NT 4.0 user to change passwords and to receive notification when a password is about to expire. IIS installs this functionality in the IISADMPWD virtual directory of the default Web site. This feature is implemented as a set of .htr files that are located in the %system%\System32\Inetsrv\Iisadmpwd directory and the ISAPI Ism.dll extension file.
For more information about how to configure IIS to support password changes, view the "Notifying Clients of Password Status" topic in the Windows NT 4.0 Option Pack documentation.
For more information, see the following Knowledge Base article:
(http://support.microsoft.com/kb/184058/EN-US/ )Unable to Change Password Using the IIS 4.0 Change Password Feature