Microsoft KB Archive/927907
Article ID: 927907
Article Last Modified on 11/27/2007
- Microsoft Exchange Server 2003 Enterprise Edition
- Microsoft Exchange Server 2003 Standard Edition
- Microsoft Exchange 2000 Enterprise Server
- Microsoft Exchange 2000 Server Standard Edition
When you try to log off from Microsoft Office Outlook Web Access on a front-end server that is running Microsoft Exchange Server 2003 or Microsoft Exchange 2000 Server, you are not logged off.
For example, when you click Log Off in Outlook Web Access, you are prompted to enter network credentials. When you enter the network credentials, and then click OK, you are still not logged off.
This issue may occur because of one of the following reasons.
The file level permissions on the following file are incorrect:
Note The placeholder for the
locale folder name depends on the HTTP header that the client sends with every browser request to the Outlook Web Access server. This HTTP header is the Accept-Language header. For example, if the Accept-Language header is English (United States)[en-us], the
locale folder will be usa.
The AuthNTLM metabase flag on the /exchweb/bin virtual directory is set to True. This configuration is not valid on a front-end server that is running Exchange 2003 or Exchange 2000.
To resolve this issue, use one or more of the following methods, as appropriate for your situation.
Method 1: Configure appropriate permissions for the Logoff.asp file
You must configure the appropriate permissions for the Logoff.asp file. To do this, follow these steps:
- In Windows Explorer, locate the following folder:
- Right-click the Logoff.asp file, and then click Properties.
- Click the Security tab.
- Configure the following permissions for the Logoff.asp file. The default permissions for this file are as follows.
Accounts Permissions Administrator Full Control Authenticated users Read & Execute, Read CREATOR OWNER Special Server Operators Modify, Read & Execute, Read, Write, Special System Full Control
- Close Windows Explorer.
Method 2: Configure Basic authentication on the bin virtual directory
You must change the authentication method on the bin virtual directory from Integrated Windows authentication to Basic authentication. To do this, follow these steps:
- Start Internet Information Services (IIS) Manager.
Server_Name(local computer), expand Web Sites, expand Default Web Site, and then expand ExchWeb.
- Right-click bin, and then click Properties.
- Click the Directory Security tab.
- Under Authentication and access control, click Edit.
- Click to clear the Integrated Windows authentication check box.
- Click to select the Basic Authentication (password is sent in clear text) check box.
Note In versions of IIS that are earlier than IIS 6.0, you must click Edit under Basic authentication before you perform step 7.
- In the Default Domain box, type the appropriate domain name. This will be the same name that you used in the Default Domain box for the Exchange and Public virtual directories.
- Click OK two times.
- Right-click Default Web Site, and then click Stop.
- Right-click Default Web Site, and then click Start.
- Exit IIS Manager.
For more information about Exchange Server front-end and back-end topology, visit the following Microsoft Web site:
Additional query words: XADM XCCC OWA
Keywords: kbexchangeowa kbexpertiseadvanced kbtshoot kbprb KB927907