Bug ID 1117241: Impossible to sign out of OWA when using kerberos SSO

Last Modified: Jan 20, 2023

Bug Tracker

Affected Product:  See more info
BIG-IP APM(all modules)

Known Affected Versions:
14.1.0,,,,,, 14.1.2,,,,,,,,, 14.1.3,, 14.1.4,,,,,,, 14.1.5,,,

Opened: Jun 20, 2022
Severity: 3-Major


Users are unable to logout from OWA.


Clicking the OWA 'Sign out' button will do nothing other than showing this message: "To finish signing out, please close all open browser windows." That means APM cookies will not be automatically deleted and session will still be active.


BIG-IP is configured with kerberos SSO against the exchange server. Users try to use the OWA "Sign out" button.


Any one of these will mitigate the issue: -- Send a request to "/owa/logoff.owa" will help complete the sign out process on the client and initiate the logout on APM side. -- Close the browser to clear out APM cookies on the client side (session will remain active on APM). -- Configure FBA authentication for OWA on Exchange server and client initiated form based SSO on APM

Fix Information


Behavior Change