How to Set the Outlook Web Access Forms-Based Authentication Trusted Computer Cookie Time-Out Value
In Microsoft® Exchange Server 2003, Outlook Web Access user credentials are stored in a cookie. When the user logs off Outlook Web Access, the cookie is cleared and it is no longer valid for authentication.
Users should select the Private computer option only if the user is the sole operator of the computer, and the computer adheres to that user's organizational security policies. When selected, the Private computer option allows for a much longer period of inactivity before automatically ending the session—its internal default value is 24 hours. This option is intended to benefit Outlook Web Access users who are using personal computers in their office or home.
To match the security requirements of your organization, an administrator can configure the inactivity time-out values.
Before You Begin
Warning
As indicated earlier, users should select the Private computer option only if the user is the sole operator of the computer, and the computer adheres to that user's organizational security policies. Users should be educated about precautions to take to avoid risks when they select the Private computer option.
Note
Incorrectly editing the registry can cause serious problems that may require you to reinstall your operating system. Problems resulting from editing the registry incorrectly may not be able to be resolved. Before editing the registry, back up any valuable data.
Procedure
To set the Outlook Web Access forms-based authentication trusted computer cookie time-out value
Start Registry Editor (regedit).
Navigate to the following registry key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\ Services\MSExchangeWeb\OWA
On the Edit menu, point to New, and then click DWORD Value.
In the details pane, name the new value TrustedClientTimeout.
Right-click the TrustedClientTimeout Dword value, and then click Modify.
In Edit DWORD Value, under Base, click Decimal.
In the Value Data box, type a value (in minutes) between 1 and 432,000.
Click OK.
For More Information
For detailed steps for how to configure the public computer cookie time-out value, see How to Set the Outlook Web Access Forms-Based Authentication Public Computer Cookie Time-Out Value.
For information about managing and configuring Outlook Web Access, see the following topics: