OWA Session timeout in 10 - 20 seconds- requests login again.

Exchange Server 2003 SP2

Configured OWA to use SSL and KB article to redirect automatically to HTTPS.

This works OK, you get the Premium login- all proceeds fine after login (prompted for server certificate) and then logged in OK.

You can browse Inbox, Notes, etc all seems fine but only for about 10 to 20 seconds. Then the folder list remains visible, but the internal frame goes back to the login page. This happens for all email users (including admin) and behaviour can be reproduced on localhost.

I have tried creating the OWA timeout key in the registry and set it to 10 mins (which is the default) with no luck.

I have resorted to using standard HTTP (non-ssl) web outlook and this works fine.

I feel the issue has something to do with the life of certificate, but don't really know where to start troubleshooting. Can someone please help?
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

How exactly did you setup SSL?
Is it a purchased certificate or a self signed certificate?

daryl_jamesAuthor Commented:

The cert is from another 2003 server in our domain designated as the cert authority and was self-signed. This cert was requested and I followed article online at http://www.msexchange.org/tutorials/SSL_Enabling_OWA_2003.html to request and install on the mail server. This all worked fine.

I have disabled 'require SSL' to allow me to use non-ssl OWA, but still test using SSL OWA.

We also have another 2003 exhange server in our domain that has succesfully installed a cert from the main server and SSL OWA works fine there, so I doubt that there is something wrong on the cert authority server.

I've been through the process of requesting/pending and installing a replacement cert and although you can connect via SSL it still times out.

Does this have something to do with Forms Based Authentication session cookies timing out? I don't really know how to turn on FBA or to test it.

I have wasted so much time on this problem and can't seem to get any futher. Any ideas?

FBA is either on or off. No other settings to it through the standard windows.

ESM, Servers, <your server>, Protocols, HTTP. Right click on the Exchange Virtual Server and choose Properties. Click on the second tab. Disable or enable there.

The OWA cookie timeout can also be controlled with the OWA Admin tool. That is a free download from Microsoft. Make sure that you read the readme file, particularly the bit about installing it on a workstation, not the server.

For what its worth, I don't recommend using self signed SSL certificates for public facing applications like OWA. You should see what Internet Explorer 7.0 does with a self signed certificate.
I also don't recommend using the require SSL option. If you decide to use Windows Mobile devices at a later date you have to disable that option anyway.

Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.


You refer this site only for exchange 2003 OWA timeout:
start from figure 4 of this above article .
daryl_jamesAuthor Commented:
Thanks Amaheshwari, but I have already tried turing off FBA, and also tried changing the OWA timeout. No- luck. It appears as though SSL is just broken on this Exchange server. I don't even think there is a problem with IIS or the OWA website.

I have 3 exchange servers in the same domain, 2 work just fine over SSL, the problem one connects fine and works for about 10 seconds then the session times out. It does the same for all users and can replicate problem logging on at console of server.

I have compared the config on those that work with the broken server and tried to copy the config exactly, but the problem persists and I have not been able to resolve this issue.

I'm out of ideas after several months of trying to fix it - looks like I might have to resort to a Microsoft Professional Support call. :(
daryl_jamesAuthor Commented:
I finally cracked it myself and am posting my resolution here to save someone else the pain!

I resolved the issue by following http://support.microsoft.com/default.aspx?kbid=883380 to delete/recreate the virtual directories for OWA, OMA and Exchange (Method 2).

1. I deleted the EXadmin, ExchWeb, Exchange, Microsoft-Server-ActiveSync, OMA and Public virtual directories in IIS Manager.

2.  Use \inetpub\adminscripts\AdsUtil.vbs with the following command

adsutil delete ds2mb

3. Restart Microsoft Exchange System Attendant services (and dependant services)

Thank you to all for your assistance.

Changed recommendation: PAQ - points refunded
PAQed with points refunded (500)

Community Support Moderator

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.