Users still have access to Outlook Web Access after disabling account or changing password
I have changed a user's password, but it seems that he was logged in via webmail at the time, and his session has remained alive.
I also disabled the account while the webmail session was active, but the user still has an active session.
Solution 1:
The web session doesn't become invalid when the account changes, unfortunately. Same thing happens if you have a user logged into a domain workstation and you disable their account. They still have a valid session on that workstation and won't notice a problem until they have to reauthenticate to that machine (logout/login or unlock), or need to access resources on another machine that they don't have a current session on.
Solution 2:
What mfinni said. One possible workaround may be to turn off the user's access to OWA via PowerShell with Set-CASMailbox -Identity "user's ID" -OWAEnabled $false. If you're using ADFS, you might be able to create an AD group which is not allowed to remotely access Office 365 and put terminated employees there.
I don't know if either will kick them out before their session expires, however, and am not in a position to test it.