OWA Session timeout in 10 - 20 seconds-  requests login again.

Posted on 2006-04-27
Last Modified: 2008-01-09
Exchange Server 2003 SP2

Configured OWA to use SSL and KB article to redirect automatically to HTTPS.

This works OK, you get the Premium login- all proceeds fine after login (prompted for server certificate) and then logged in OK.

You can browse Inbox, Notes, etc all seems fine but only for about 10 to 20 seconds. Then the folder list remains visible, but the internal frame goes back to the login page. This happens for all email users (including admin) and behaviour can be reproduced on localhost.

I have tried creating the OWA timeout key in the registry and set it to 10 mins (which is the default) with no luck.

I have resorted to using standard HTTP (non-ssl) web outlook and this works fine.

I feel the issue has something to do with the life of certificate, but don't really know where to start troubleshooting. Can someone please help?
Question by:daryl_james
    LVL 104

    Expert Comment

    How exactly did you setup SSL?
    Is it a purchased certificate or a self signed certificate?


    Author Comment


    The cert is from another 2003 server in our domain designated as the cert authority and was self-signed. This cert was requested and I followed article online at to request and install on the mail server. This all worked fine.

    I have disabled 'require SSL' to allow me to use non-ssl OWA, but still test using SSL OWA.

    We also have another 2003 exhange server in our domain that has succesfully installed a cert from the main server and SSL OWA works fine there, so I doubt that there is something wrong on the cert authority server.

    I've been through the process of requesting/pending and installing a replacement cert and although you can connect via SSL it still times out.

    Does this have something to do with Forms Based Authentication session cookies timing out? I don't really know how to turn on FBA or to test it.

    I have wasted so much time on this problem and can't seem to get any futher. Any ideas?

    LVL 104

    Expert Comment

    FBA is either on or off. No other settings to it through the standard windows.

    ESM, Servers, <your server>, Protocols, HTTP. Right click on the Exchange Virtual Server and choose Properties. Click on the second tab. Disable or enable there.

    The OWA cookie timeout can also be controlled with the OWA Admin tool. That is a free download from Microsoft. Make sure that you read the readme file, particularly the bit about installing it on a workstation, not the server.

    For what its worth, I don't recommend using self signed SSL certificates for public facing applications like OWA. You should see what Internet Explorer 7.0 does with a self signed certificate.
    I also don't recommend using the require SSL option. If you decide to use Windows Mobile devices at a later date you have to disable that option anyway.

    LVL 18

    Expert Comment


    You refer this site only for exchange 2003 OWA timeout:
    start from figure 4 of this above article .

    Author Comment

    Thanks Amaheshwari, but I have already tried turing off FBA, and also tried changing the OWA timeout. No- luck. It appears as though SSL is just broken on this Exchange server. I don't even think there is a problem with IIS or the OWA website.

    I have 3 exchange servers in the same domain, 2 work just fine over SSL, the problem one connects fine and works for about 10 seconds then the session times out. It does the same for all users and can replicate problem logging on at console of server.

    I have compared the config on those that work with the broken server and tried to copy the config exactly, but the problem persists and I have not been able to resolve this issue.

    I'm out of ideas after several months of trying to fix it - looks like I might have to resort to a Microsoft Professional Support call. :(

    Author Comment

    I finally cracked it myself and am posting my resolution here to save someone else the pain!

    I resolved the issue by following to delete/recreate the virtual directories for OWA, OMA and Exchange (Method 2).

    1. I deleted the EXadmin, ExchWeb, Exchange, Microsoft-Server-ActiveSync, OMA and Public virtual directories in IIS Manager.

    2.  Use \inetpub\adminscripts\AdsUtil.vbs with the following command

    adsutil delete ds2mb

    3. Restart Microsoft Exchange System Attendant services (and dependant services)

    Thank you to all for your assistance.

    LVL 20

    Expert Comment

    Changed recommendation: PAQ - points refunded

    Accepted Solution

    PAQed with points refunded (500)

    Community Support Moderator

    Featured Post

    Free Trending Threat Insights Every Day

    Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

    Join & Write a Comment

    Learn more about how the humble email signature can be used as more than just an electronic business card. When used correctly, a signature can easily be tailored for different purposes by different departments within an organization.
    Set OWA language and time zone in Exchange for individuals, all users or per database.
    In this video we show how to create a Contact in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Contact ta…
    The video tutorial explains the basics of the Exchange server Database Availability groups. The components of this video include: 1. Automatic Failover 2. Failover Clustering 3. Active Manager

    755 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    18 Experts available now in Live!

    Get 1:1 Help Now