Exchange Server 2003 - Setting the cookie authentication time-out in an environment without a front-end server

Overview: To configure the time-out value, you must first enable forms-based authentication and then modify the registry settings on the server.

Setting for Public Computers:

1. On the Exchange server, start REGEDIT.
2. Go to HKEY_LOCAL_MACHINE | SYSTEM | CurrentControlSet | Services | MSExchangeWeb | OWA.
3. Right-click OWA and scroll to NEW | DWORD and type PublicClientTimeout.
4. Double-click PublicClientTimeout. In the base area, click DECIMAL and in the value area, type the number of desired minutes for time-out on the OWA client. This number must be between 1 and 43200. (43200 minutes are equal to 30 days.) If you do not set a value, a value of 15 is assumed. (The maximum possible value is 43200 for 30 days.)
8. Click OK.
9. You must restart IIS for the changes to take effect.

Note: If you set the TrustedClientTimeout value to a value that is lower than PublicClientTimeout, the TrustedClientTimeout value defaults to be equal to the PublicClientTimeout value. Likewise, if you set the PublicClientTimeout value to a value that is greater than the TrustedClientTimeout value, the TrustedClientTimeout value defaults to be equal to the PublicClientTimeout value.

Setting for Trusted Computers:

1. On the Exchange server, start REGEDIT.
2. Go to HKEY_LOCAL_MACHINE | SYSTEM | CurrentControlSet | Services | MSExchangeWeb | OWA.
3. Right-click OWA and scroll to NEW | DWORD and type TrustedClientTimeout.
4. Double-click TrustedClientTimeout. In the base area, click DECIMAL and in the value area, type the number of desired minutes for time-out on the OWA client. This number must be between 1 and 43200. (43200 minutes are equal to 30 days.) If you do not set a value, a value of 1440 is assumed. (The maximum possible value is 43200 for 30 days.)
5. Click OK.
6. From a command prompt, type net stop w3svc, and then press ENTER.
7. After the services stop, type net start w3svc, and then press ENTER.