Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Question
Thursday, March 17, 2016 9:23 PM
So I know it sounds stupid but its not as obvious as you might think...unless im missing something :) cuz ya know I happens sometimes.
Environment: Win 7, office 2013, 2008 AD, onsite Exchange 2010 server.
Issue: After a domain password policy change occurs (90 days) the user is prompted to input their password by outlook when opened. User can input the new password and marks the check box and it does not accept and continues to prompt. This can be corrected by clearing the credential manager.
That is a good fix however it just started to do this in the last 4 months and did not before then. I need to know why this happens and an enterprise level fix.
All replies (4)
Friday, March 18, 2016 6:48 AM ✅Answered
Hi,
Please check this KB article for this specific issue: https://support.microsoft.com/en-us/kb/2762344
This happens because, before your password changed, you saved your credentials. The stored credentials are not overwritten when Outlook triggers the authentication prompt even if you enable the Remember my credentials option.
As you already know, the best solution currently is to remove the stored credential from the Credential Manager. The credential is stored under:
C:\Users\UserName\AppData\Roaming\Microsoft\Credentials
So to fix this at an enterprise level, probably we can write a simple script to clean it from that path, and run that script as a user startup script via Group Policy.
Regards,
Ethan Hua
Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact [email protected]
Friday, March 18, 2016 12:05 PM | 1 vote
Any time a user updates his password, he should always log out of windows and then log in again to update the credential cache.
Friday, March 25, 2016 7:06 PM
Is there a way prevent credential manager from collecting this information in the first place?
SSO is supposed to take effect and pass the information to the exchange server and to store anything locally I thought. What could break this?
Tuesday, March 29, 2016 2:22 AM
Hi,
You can prevent Outlook from saving basic authentication credentials, however, in this case you will need to enter the credential each time you launch Outlook.
As far as I know, the experience for logging on to Microsoft Outlook connections is not expected to be a single sign-on experience (Outlook wasn’t designed to support Single Sign On).
The current process is - a user launches Outlook and is prompted for his/her credentials. This is because Outlook is actually doing “basic authentication” to Exchange. After the user enters the login and password, there is an option to “save” the credentials using the Windows credential manager. So upon the next launch of Outlook, the user is not prompted for credentials again but it is because the credentials are stored.
Regards,
Ethan Hua
Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact [email protected]