Rahul Dhar’s Bio

I'm Rahul Dhar, a Program Manager for Outlook Web Access in Exchange.  A native of Steeler country (also known as Pittsburgh), I joined Microsoft in 2005 after graduating from university.  When I'm not watching the Steelers, I work on OWA setup and administration and spell-check.  I'm looking forward to discussing OWA's past, present, and future with you.

Comments (1)
  1. Steve says:

    I used DNS Round Robin as a method to balance between (2) 2003 OWA FE Servers.  Users almost immediately complained about being kicked out of OWA.

    Errors: unable to authenticate / session has expired

    One posting I read was forms-based authentication (that I use) could/is at the center of the problem


    Forms-Based Authentication

    In forms-based authentication, users are directed to a Hypertext Markup Language (HTML) form. After the user provides credentials in the form, the system issues a cookie containing a ticket. On subsequent requests, the system first checks the cookie to verify if the user was already authenticated, so that the user does not have to supply credentials again. Advantages of forms-based authentication include the following:

    Credential information is not cached on the client computer. This is particularly important in a scenario where users are connecting to your Outlook Web Access server from public computers. Users are required to reauthenticate if they close the browser, log off from a session, or navigate to another Web site.

    • You can configure a maximum idle session time-out, so that if a user is idle for a prolonged period of time, the session expires, and reauthentication is required.

    • Users cannot use the Remember my password option in Internet Explorer.

    • Outlook Web Access includes optional functionality that allows a user to change the password. If a user changes the password during an Outlook Web Access session, the cookie provided after the user initially logged on will no longer be valid. When forms-based authentication is configured on ISA Server, the user who changes the password during an Outlook Web Access session will receive the logon page the next time a request is made.

    In an ISA Server 2004 Enterprise Edition scenario involving multi-server ISA Server arrays, you must ensure that client requests for a particular session are handled by the same array member, so that the client’s cookie is recognized. If the request is received by a different member, the cookie will not be recognized and the request will be dropped by that ISA Server member. An effective way to ensure that the requests are handled by the same server member is to enable integrated Network Load Balancing (NLB) on the ISA Server array. For more information, see Appendix A: Configuring NLB on the ISA Server Array


    If formed based authentication is the cause, if I switch to nlb will I still experience issues because I don’t use ISA.

    DNS round robin has been removed and owa is acting as 1 fe server and users aren’t having the problems.

    Please comment on using dns round robin and nlb (without isa), trying to balance the owa between (2) fe servers.


Comments are closed.

Skip to main content