Exchange 2013 CU1 Outlook Web App LogOff with Basic or Windows Integrated Authentication

Hi all,

Exchange 2013 CU1 has a new OWA LogOff behaviour when Basic or Windows Integrated Authentication is configured. When clicking the LogOff Button you receive the message "Close All your Browser Windows.." but OWA does not sign out. This is not the case when using Formbased Authentication...

The problem in our case is the OWA publishing over the Internet via TMG. When publishing via TMG, only Basic and NTLM authentication is supported. This means you have to change the Authentication for the OWA Virtual Directory to basic or Windows Integrated. OK so far, now we can use the TMG Authentication Form. but... TMG is not able to Catch the OWA LogOff. So we will still receive "Close all your Browser Settings.." and no log out from OWA.

It is a known issue that TMG cannot catch the OWA Logoff with the Exchange 2013 CU1 Release..So my Question: Does anyone get that "Real LogOut" fixed via TMG or directly on the CAS Server for Exchange 2013 CU1?

I know another possibility is to activate Form Based Authentication on the CAS Servers and external users directly authenticate against the CAS Server without pre-authentication at TMG Level, but this of course does not provide the highest security we can have.



  • Edited by SLShare Friday, June 21, 2013 9:11 AM
June 21st, 2013 9:09am

Hi SLShare,

As far as I know, if there is no TMG involved, with Exchange 2013 when the user signs out of mail, the authentication tokens are cleared and the user will be presented with the Login Screen.  There will not be a need to click on "Close Window" or any other pop ups that may appear.

Therefore, you may ask the TMG forum about this question and see whether there are still some other workaround we can temporary bypass this issue. For your convenience:

Forefront TMG and ISA Server Forum - TechNet - Microsoft

http://social.technet.microsoft.com/Forums/forefront/en-US/home?forum=Forefrontedgegeneral

Thanks,

If you have feedback for TechNet Subscriber Support, contact tnsfl@microsoft.com

Free Windows Admin Tool Kit Click here and download it now
June 22nd, 2013 4:20am

Hi,

Is there any good news from the TMG forum?

Thanks,

If you have feedback for TechNet Subscriber Support, contact tnsfl@microsoft.com

June 24th, 2013 3:04am

Any news?

I got the same issue with TMG and Exchange 2013 CU3.

Free Windows Admin Tool Kit Click here and download it now
January 27th, 2014 2:22pm

Hi, anyone got an update on this?

Seeing the same with UAG > Exhcnage 2013 CU3

User is not signed out unless entire browser is closed and not just the current tab. Can't rely on user education for this one...

February 4th, 2014 9:53am

Just to add it's all browsers
Free Windows Admin Tool Kit Click here and download it now
February 4th, 2014 11:01am

Has anyone found a solution for this ? It's really annoying ....
May 24th, 2014 10:38pm

Would just like to add that I too am looking for a solution. I know that TMG is no longer officially supported but it is not end of life either.
Free Windows Admin Tool Kit Click here and download it now
June 8th, 2014 2:46am

As anyone found a solution to this anoying problem yet?

Thanks

August 19th, 2014 11:29am

I am working on a Azure Application Proxy with Azure Application Proxy connector with OWA on Exchange 2013, and it has the exact same result with the user either not being prompted at all to log out and the page just flickers or they get the pop up to log out.

Now in my lab which I have setup using ADFS, Azure App Proxy, Azure App Proxy Connector, and OWA on Exchange 2013 everything works perfect, when I click sign out I am taken to a forms based OWA page.

Both environments have ADFS with a relying party trust to Azure, Azure App Proxy setup with Azure pre-authentication and Windows Authentication, Azure App Proxy Connector configured with a Kerberose Constraint Delegation for the Exchange 2013 Server. Both are using just Windows Authentication set on OWA.

The only thing I can think of is there is something different about the two logoff.aspx files.

Free Windows Admin Tool Kit Click here and download it now
July 20th, 2015 3:21pm

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics