Microsoft KB Archive/920139

= Clients take a long time to log off an OWA session after you publish an OWA server and configure OWA forms-based authentication in ISA Server 2004 =

Article ID: 920139

Article Last Modified on 12/4/2007

-

APPLIES TO


 * Microsoft Internet Security and Acceleration Server 2004 Enterprise Edition
 * Microsoft Internet Security and Acceleration Server 2004 Standard Edition

-





SYMPTOMS
Consider the following scenario. You use a Web publishing rule in Microsoft Internet Security and Acceleration (ISA) Server 2004 to publish a Microsoft Outlook Web Access (OWA) server. You configure OWA forms-based authentication in ISA Server 2004. In this scenario, you find that it takes a long time to log off an OWA session.

Note This issue only occurs when you publish OWA servers in a closed environment where users have no access to the Internet.



CAUSE
When a client logs off an OWA session, Microsoft Internet Explorer may make two unnecessary HTTP POST requests to the following URLs:

http://activex.microsoft.com/objects/ocget.dll

http://codecs.microsoft.com/isapi/ocget.dll

This occurs if the S/MIME control is not installed on the OWA client. The OWA logoff program that is part of the forms-based authentication in ISA Server 2004 causes these unnecessary HTTP POST requests. Therefore, it may take a long time to log off an OWA session in a closed environment where users have no access to the Internet.



RESOLUTION
To resolve this issue, follow these steps:  Open the logoff_MSIERich_SMimeCap.htm file on the ISA servers that are part of the OWA server publishing. The logoff_MSIERich_SMimeCap.htm file is located inside the following folder:

%Windir%Program Files\Microsoft ISA Server\CookieAuthTemplates

 Back up the logoff_MSIERich_SMimeCap.htm file. Open the logoff_MSIERich_SMimeCap.htm file in Notepad, and then locate the following lines of code:

 <?IMPORT namespace=&quot;MIME&quot; implementation=#MimeNS>  function hres(iErr){return iErr + 0xffffffff + 1;} 

 Replace the lines of code that you located in step 3 with the following lines of code:

<SCRIPT language=&quot;JavaScript&quot;> if (oClientCaps.isComponentInstalled(&quot;{b0f84fec-95ad-4f3e-8fc0-6bc1bbadbf0d}&quot;, &quot;ComponentID&quot;)) { document.write(&quot;</OBJECT>&quot;); document.write(&quot;<?IMPORT namespace='MIME' implementation=#MimeNS>&quot;); } function hres(iErr){return iErr + 0xffffffff + 1;} </SCRIPT>

</li> Save the logoff_MSIERich_SMimeCap.htm file, and close Notepad.</li> Restart ISA services.</li></ol>

<div class="moreinformation_section">

MORE INFORMATION
If you replace the lines of code in the logoff_MSIERich_SMimeCap.htm file as described in the Resolution section, you must make sure that you use the following command to install the next ISA Server 2004 service pack (SP):

Msiexec /p .msp REINSTALL=ALL REINSTALLMODE=amus /l*vx! .log

Note Service_Pack_Name.msp is the name of the SP that you install. Logfile_Name.log is the file where you want all information to be logged in verbose format.

This command installs the updated version of the logoff_MSIERich_SMimeCap.htm file that will be included with the next ISA Server 2004 SP.

Note ISA Server 2004 SP2 is the current service pack.

<div class="references_section">