Strict Standards: Non-static method Settings::setHostName() should not be called statically in C:\website\www.networksteve.com\exchange\_lib\AutoConfig.php on line 20

Strict Standards: Non-static method Settings::addHostAlias() should not be called statically in C:\website\www.networksteve.com\exchange\_lib\AutoConfig.php on line 22

Strict Standards: Non-static method Settings::setSiteRoot() should not be called statically in C:\website\www.networksteve.com\exchange\_lib\AutoConfig.php on line 28

Strict Standards: Non-static method Settings::setDsn() should not be called statically in C:\website\www.networksteve.com\exchange\_site\Config.php on line 16

Strict Standards: Non-static method Settings::setTitle() should not be called statically in C:\website\www.networksteve.com\exchange\_site\Config.php on line 19

Strict Standards: Non-static method Settings::setDescription() should not be called statically in C:\website\www.networksteve.com\exchange\_site\Config.php on line 20

Strict Standards: Non-static method Settings::setSiteRoot() should not be called statically in C:\website\www.networksteve.com\exchange\_site\Config.php on line 24

Strict Standards: Non-static method Settings::setShowDeleted() should not be called statically in C:\website\www.networksteve.com\exchange\_site\Config.php on line 31

Strict Standards: Non-static method Settings::setRecentTopicsDuration() should not be called statically in C:\website\www.networksteve.com\exchange\_site\Config.php on line 36

Strict Standards: Non-static method Settings::test() should not be called statically in C:\website\www.networksteve.com\exchange\_lib\Init.php on line 28

Strict Standards: Non-static method Skin::test() should not be called statically in C:\website\www.networksteve.com\exchange\_lib\Init.php on line 29

Strict Standards: Non-static method Settings::getSkin() should not be called statically in C:\website\www.networksteve.com\exchange\_lib\Skin.php on line 102

Strict Standards: Non-static method Settings::getSiteRoot() should not be called statically in C:\website\www.networksteve.com\exchange\_lib\Init.php on line 32

Strict Standards: Non-static method Settings::getDsn() should not be called statically in C:\website\www.networksteve.com\exchange\_lib\Init.php on line 35

Strict Standards: Non-static method Form::field() should not be called statically in C:\website\www.networksteve.com\exchange\_lib\Init.php on line 39

Strict Standards: Non-static method Form::fieldExists() should not be called statically, assuming $this from incompatible context in C:\website\www.networksteve.com\exchange\_lib\Entity\User.php on line 92

Strict Standards: Non-static method Form::fieldExists() should not be called statically in C:\website\www.networksteve.com\exchange\topic.php on line 15

Strict Standards: Non-static method Form::field() should not be called statically in C:\website\www.networksteve.com\exchange\topic.php on line 17

Strict Standards: Non-static method Settings::getShowDeleted() should not be called statically, assuming $this from incompatible context in C:\website\www.networksteve.com\exchange\_lib\Entity\Topic.php on line 138

Strict Standards: Non-static method Entity_Post::queryPosts() should not be called statically in C:\website\www.networksteve.com\exchange\topic.php on line 21

Strict Standards: Non-static method Settings::getShowDeleted() should not be called statically in C:\website\www.networksteve.com\exchange\_lib\Entity\Post.php on line 111

Strict Standards: Non-static method Skin::showHeader() should not be called statically in C:\website\www.networksteve.com\exchange\topic.php on line 23

Strict Standards: Non-static method Skin::includeFile() should not be called statically in C:\website\www.networksteve.com\exchange\_lib\Skin.php on line 46

Strict Standards: Non-static method Settings::getSkin() should not be called statically in C:\website\www.networksteve.com\exchange\_lib\Skin.php on line 91
How does Exchange handle disabled/expired Active Directory accounts? (Network Steve Forum)
How does Exchange handle disabled/expired Active Directory accounts?
Hello all, I am hoping someone can clarify this for me. If you disable or expire an account, does it take a while for those changes to take affect in regards to OWA? What I've noticed from my test network is: Exchange 2003: disabling or expiring an account will still allow mail to be sent to the mailbox, but trying to login via OWA is disabled as soon as the account is expired. Exchange 2010: disabling or expiring an account will still allow mail to be sent to the mailbox, but there is a short period of time where a user can still login to OWA even while the account is disabled or expired. Exchange 2007: I am not sure about this as I don't have this in my test lab. Am I correct in my observations? If so, why is there a window where a user can access OWA with a disabled account in Exchange 2010? Thanks!
July 11th, 2010 2:20pm

With your 2010 lab how long is that period and was the account disabled whilst someone was already logged on or did you disable the account and then try to log on? "in2jars" wrote in message news:c9c7dc0f-ec07-43aa-b6bc-e9cae27c4cf7... Hello all, I am hoping someone can clarify this for me. If you disable or expire an account, does it take a while for those changes to take affect in regards to OWA? What I've noticed from my test network is: Exchange 2003: disabling or expiring an account will still allow mail to be sent to the mailbox, but trying to login via OWA is disabled as soon as the account is expired. Exchange 2010: disabling or expiring an account will still allow mail to be sent to the mailbox, but there is a short period of time where a user can still login to OWA even while the account is disabled or expired. Exchange 2007: I am not sure about this as I don't have this in my test lab. Am I correct in my observations? If so, why is there a window where a user can access OWA with a disabled account in Exchange 2010? Thanks! Mark Arnold, Exchange MVP.
Free Windows Admin Tool Kit Click here and download it now
July 11th, 2010 3:40pm

I am not sure how long exactly. I think it was longer than 30 minutes. I was logged on under another user in Windows. I just tried logging in OWA as the account I had disabled. So, I disabled the account, then tried to login in with OWA and it let me. My test lab has a 2003 and 2010 server in it (I was testing out a transition from 2003 to 2010). I did not think this was the behavior with 2003, so just to test I created a test user and placed their mailbox on the 2003 server. When I disabled the account and then tried to log in via OWA (with the URL of the 2003 machine so their is no redirection or anything to worry about) it would not let me. So the disabling was immediate on 2003.
July 11th, 2010 3:55pm

Hi, After disabling the mailbox account, just run IISReset on command line on Exch 2010 CAS server, and then it won't let you login. Regards,Laeeq Qazi|Team Lead(Exchange + Sharepoint + BES + DynamicsCRM) www.HostingController.com
Free Windows Admin Tool Kit Click here and download it now
July 11th, 2010 6:13pm

Hi, After disabling the mailbox account, just run IISReset on command line on Exch 2010 CAS server, and then it won't let you login. Regards, Laeeq Qazi|Team Lead(Exchange + Sharepoint + BES + DynamicsCRM) www.HostingController.com OK, I am wondering if this is by design or not? If I disable an account is there really a period of time where someone could still log in with OWA?
July 11th, 2010 6:26pm

Hi, Yes, that's by design in Exchange 2007 and Exchange 2010. I can reproduce this issue. Thanks Allen
Free Windows Admin Tool Kit Click here and download it now
July 15th, 2010 8:08am

Hi, Sorry to re-awaken this one - but it is something I'm very interested in getting to the bottom of. I'm geting the same OWA issue in Exchange 2010 and was wondering if there was a way to prevent the behviour of users still being able to login to OWA, despite being locked or disabled. Is there a way to minimise this 'window of oppotunity'? Thanks, Chris
February 25th, 2011 6:52am

That's interesting to know. I would have expected that users in 2007/2010 would not be able to login as soon as Exchange gets notification of the change.
Free Windows Admin Tool Kit Click here and download it now
February 25th, 2011 7:00am

I think it's simply that notification interval that is the issue - it just seems (for me) too long.
February 25th, 2011 7:48am

By design, please refer to articles below. Changing the Default Interval for User Tokens in IIS http://support.microsoft.com/default.aspx?scid=kb;EN-US;152526 XWEB: Mailbox Access via OWA Depends on IIS Token Cache http://support.microsoft.com/kb/173658 James Chong MCITP | EA | EMA; MCSE | M+, S+ Security+, Project+, ITIL msexchangetips.blogspot.com
Free Windows Admin Tool Kit Click here and download it now
February 25th, 2011 8:15am


Strict Standards: Non-static method Settings::getRecentTopicsLimit() should not be called statically, assuming $this from incompatible context in C:\website\www.networksteve.com\exchange\_lib\Entity\Topic.php on line 120

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics

Strict Standards: Non-static method Skin::showFooter() should not be called statically in C:\website\www.networksteve.com\exchange\topic.php on line 121

Strict Standards: Non-static method Skin::includeFile() should not be called statically in C:\website\www.networksteve.com\exchange\_lib\Skin.php on line 56

Strict Standards: Non-static method Settings::getSkin() should not be called statically in C:\website\www.networksteve.com\exchange\_lib\Skin.php on line 91