How To Log Out Of OWA And ECP Using ESP

Scope

When using the Edge Security Pack (ESP) feature for Pre-Authentication to Microsoft Exchange 2013, you may experience an issue where logging out of Exchange Outlook Web Access is prevented by a browser pop-up message saying “Please close all browser windows to continue”. This is the result of a change in the Exchange product.

Historically, the logoff string was:

/owa/logoff.owa

The new string is:

/owa/auth/signout.aspx

There should be a redirect set up from the old string to the new one, but this would not work with a load balancer as an intermediary.

Solution

In order to make it work properly, you will have to modify a file on the CAS server(s).

Please note, this applies only to Exchange 2013.

Configuration

Navigate to the following file using a text editor:

(Local Drive)\Program Files\Microsoft\Exchange Server\V15\ClientAccess\Owa\web.config

Search for signoutkind.

Comment the line out by adding <!-- at the beginning and --> at the end. Save the file and reboot the server (an IISReset might not be sufficient).

In the Exchange Virtual Service on the LoadMaster, modify the SubVS for OWA and expand the ESP Options section. Enter /owa/auth/signout.aspx in the Logoff String field.

Was this article helpful?

0 out of 0 found this helpful

Comments

Avatar
piotr.potocki

Hello,

Please provide how to set logoff string for Exchange 2016 CU3 and above.

We have trouble to do this.