Missing in Action — Log Off When User Leaves Site
One of the nice features included with the ISA 2004 Firewall was the ability to publish an OWA Web site and configure the Web listener for the rule to automatically log the user off when the user moves to a different site in the same browser session.
For example, the user might be at an airport kiosk and log onto his email account using OWA. Then the user might enter the URL to the www.foxnews.com site to check on the latest news. In ISA 2004, if the user returned to the OWA site clicking the back button a few times, he would have to log in again because the Web listener would be configured to log the user off when he leaves the site.
Apparently, this feature was supposed to be included in the 2006 ISA Firewall, but somehow got left on the cutting room floor. Why do I think it was supposed to be included with the new ISA Firewall? Check out the screenshot below of the ISA 2006 Help File:
However, if you check out the dialog box that this Help File entry refers to, you’ll see:
Perhaps there is a Registry entry that will enable this behavior? If so, I’m not aware of it. Hopefully this setting will be returned to us with ISA 2006 SP1 is released.
HTH,
Tom
Thomas W Shinder, M.D.
Site: www.isaserver.org
Blog: http://blogs.isaserver.org/shinder/
Book: http://tinyurl.com/3xqb7
Email: tshinder@isaserver.org
MVP — Microsoft Firewalls (ISA)
Marc Grote Says:
October 16th, 2006 at 1:43 pm
Hi Tom,
I found the same problem a few days ago. Jim Harrison from Microsoft told me That the help is incorrect; the ISA team opted for the session timeout as a more reliable method for disconnect.
regards Marc Grote aka Jens Baier
Thomas Shinder Says:
October 16th, 2006 at 2:21 pm
Hi Marc,
Thanks! I hope that they decide to bring back the option to have the user log out when they leave the page. I see it as a fairly common scenario.
Tom