It’s easier to explain with a picture, but I couldn’t quickly find one.
So, Ootw breaks some typical rules that you might expect to see from a traditional web app. For example, even when the user isn’t doing anything, every now and again, Ootw communicates with the Exchange server. This allows it to notify you when you have new email or when email was deleted on another device, etc. Lots of apps do this (e.g., Gmail does it too). It doesn’t do this by closing and re-opening a port every time, it keeps a port open and just “trickles” data back and forth. (This requires HTTP/1.1 or HTTP/2.0 by the way, doesn’t work on HTTP/1.0.) If the port is force-closed, that is an error, as far as Ootw is concerned. Depending on “everything else” (i.e., ADFS, Exchange Federation, is the Exchange connection being proxied across datacenters, etc.) the browser and Ootw will react slightly different ways. But you’ll generally end up with a browser pop and you might also get an authentication pop. After a certain period of inactivity, Ootw will close that port, to reduce the likelihood of port exhaustion on the CAS. I thought that was 2 hours, but if you are working with upping your port timeout to 60 minutes, then it’s obviously more than 15 minutes and less than or equal to 60 minutes. (And it may be different on-premises vs. in the service. I didn’t check.) From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On Behalf Of Jonathan Raper Sent: Tuesday, August 23, 2016 9:00 PM To: exchange@lists.myitforum.com Subject: [Exchange] RE: Speaking of Outlook Web App As a followup…. I increased the idle timeout from 15 minutes to 60 minutes for Outlook on the Web in O365. All problems ceased for the end users who were affected. Very interesting. I’d love some more detail behind it, but at the end of the day I guess it does not matter. Thanks, Jonathan From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> [mailto:listsad...@lists.myitforum.com] On Behalf Of Michael B. Smith Sent: Saturday, July 16, 2016 8:26 PM To: exchange@lists.myitforum.com<mailto:exchange@lists.myitforum.com> Subject: [Exchange] RE: Speaking of Outlook Web App I don’t have time to chase it down right now, but the general recommendation is 120 minutes or more. In regards to supporting different timeouts – you’d have to enforce that in the firewall. I’m sure that Checkpoint, Cisco, and F5 can support policies of that type. I can’t speak to any other vendor. From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> [mailto:listsad...@lists.myitforum.com] On Behalf Of Jonathan Raper Sent: Friday, July 15, 2016 8:30 PM To: exchange@lists.myitforum.com<mailto:exchange@lists.myitforum.com> Subject: [Exchange] RE: Speaking of Outlook Web App Thanks Michael, I’ve seen stranger (taking a picture in an electronic procedural record system causing a Cisco ASA to reboot!), so thanks for the idea – something for us to look at. One thing that we are considering a possibility is that we changed the idle timeout from the default of 6 hours down to 15 minutes in order to fall in line with our security policy. The complaints started after that, but not immediately enough that I see a definite correlation – when I asked how long it had been going on, they said, “about a month”, which roughly coincides with the change. I’m considering increasing the idle timeout to 30 minutes to see if the pattern changes. Related question – do you know if it is possible to have a different idle timeout for a subset of users, or is that a purely global configuration? Thanks, Jonathan From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> [mailto:listsad...@lists.myitforum.com] On Behalf Of Michael B. Smith Sent: Friday, July 15, 2016 4:07 PM To: exchange@lists.myitforum.com<mailto:exchange@lists.myitforum.com> Subject: [Exchange] RE: Speaking of Outlook Web App I’ve never seen this before. It sounds to me like a TCP port timeout in a firewall is set too low (just a SWAG). From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> [mailto:listsad...@lists.myitforum.com] On Behalf Of Jonathan Raper Sent: Friday, July 15, 2016 1:37 PM To: exchange@lists.myitforum.com<mailto:exchange@lists.myitforum.com> Subject: [Exchange] RE: Speaking of Outlook Web App Beuller? Anyone? Thanks, Jonathan From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> [mailto:listsad...@lists.myitforum.com] On Behalf Of Jonathan Raper Sent: Tuesday, July 12, 2016 9:30 PM To: exchange@lists.myitforum.com<mailto:exchange@lists.myitforum.com> Subject: [Exchange] Speaking of Outlook Web App We’re running O365, and have a handful of users who exclusively use Outlook on the Web. They have been complaining of the session “reloading” seemingly at random, and even the window taking precedence when it is in the background. In other words, they could be typing something in a linux shell and then all of a sudden Outlook on the Web jumps to the foreground. This has happened enough times that I don’t believe it is just chance or some accidental hotkey combination. Another complaint is that it does this in the middle of them typing an email. I’ve asked them to keep track of how often it happens, and I can find no pattern. The users are running Windows 8.1 ent v6.3 build 9600 and patching is kept current via BigFix. This seems to happen no matter which browser they are using – IE, Chrome, FireFox…..they all seem to do it. Any ideas on what the cause might be and what can be done to resolve this? Thanks, Jonathan NOTE: This message and any attachments is intended solely for the use of the individual or entity to which it is addressed and may contain information that is non-public, proprietary, legally privileged, confidential, and/or exempt from disclosure. If you are not the intended recipient, you are hereby notified that any use, dissemination, distribution, or copying of this communication is strictly prohibited. If you have received this communication in error, please notify the original sender immediately by telephone or return email and destroy or delete this message along with any attachments immediately. NOTE: This message and any attachments is intended solely for the use of the individual or entity to which it is addressed and may contain information that is non-public, proprietary, legally privileged, confidential, and/or exempt from disclosure. If you are not the intended recipient, you are hereby notified that any use, dissemination, distribution, or copying of this communication is strictly prohibited. If you have received this communication in error, please notify the original sender immediately by telephone or return email and destroy or delete this message along with any attachments immediately. NOTE: This message and any attachments is intended solely for the use of the individual or entity to which it is addressed and may contain information that is non-public, proprietary, legally privileged, confidential, and/or exempt from disclosure. If you are not the intended recipient, you are hereby notified that any use, dissemination, distribution, or copying of this communication is strictly prohibited. If you have received this communication in error, please notify the original sender immediately by telephone or return email and destroy or delete this message along with any attachments immediately. NOTE: This message and any attachments is intended solely for the use of the individual or entity to which it is addressed and may contain information that is non-public, proprietary, legally privileged, confidential, and/or exempt from disclosure. If you are not the intended recipient, you are hereby notified that any use, dissemination, distribution, or copying of this communication is strictly prohibited. If you have received this communication in error, please notify the original sender immediately by telephone or return email and destroy or delete this message along with any attachments immediately.
