Kemp Support, how can we help?

The latest application delivery knowledge and expertise at your fingertips.

How To Log Out Of OWA And ECP for Exchange 2013 Using ESP

Scope

When using the Edge Security Pack (ESP) feature for pre-authentication to Microsoft Exchange 2013 and basic authentication, you may experience an issue where logging out of Exchange Outlook Web Access (OWA) is prevented by a browser pop-up message saying Please close all browser windows to continue. This is the result of a change in the Exchange product.

Historically, the logoff string was:

/owa/logoff.owa

The new string is:

/owa/auth/signout.aspx

There should be a redirect set up from the old string to the new one but this would not work with a load balancer as an intermediary.

Solution

To make it work properly, you must modify a file on the Client Access Server (CAS), or servers.

Note: This only applies to Exchange 2013 and has to be done after every Cumulative Update (CU) again because this change is removed with each update.

The early Cumulative Updates (CU) caused this and from approximately CU 11, the logoff string could only be triggered with form-based authentication set on the server side.

Configuration

Navigate to the following file using a text editor:

(Local Drive)\Program Files\Microsoft\Exchange Server\V15\ClientAccess\Owa\web.config

Search for signoutkind.

Comment the line out by adding <!-- at the beginning and --> at the end. Save the file and reboot the server (an IISReset might not be sufficient).

In the Exchange Virtual Service on the LoadMaster, modify the SubVS for OWA and expand the ESP Options section. Enter /owa/auth/signout.aspx in the Logoff String field.


Was this article helpful?
0 out of 0 found this helpful

Comments