Recently we noticed with some Exchange 2013 customers having their OWA (Outlook Web access) published on Microsoft UAG (Latest SP4 Rollup update) that they can’t sign out properly from their OWA session and instead they get the message “To finish signing out, Please close all open browser windows”

When the user hits OK, nothing happened and he is still logged in.

This issue is not related to the UAG OWA setup or the UAG authentication but rather the Exchange Virtual directories authentication. This behavior occurs because the Exchange OWA virtual directories are set to Windows Integrated Authentication.

In order to change this you will need to do the following:

  1. From Exchange Admin Center go to Servers – Virtual Directories (Pick your server if you have multiple servers.
  2. Edit the OWA (Default Web Site) Authentication.
  3. Uncheck “Use one or more standard authentication methods” and pick an option in the below FBA (Forms based authentication) as shown in the below image                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          
  4. You will need to do the same for the ECP virtual directory (Actually it will display message with this)
  5. Reset/Restart the IIS and the logoff should be normal as expected.
Hopefully this can help anyone encountering this issue.