Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium


Outlook 2010 & 2007 prompts for password continuously.  Possible certificate issue.

Posted on 2011-10-05
Medium Priority
Last Modified: 2012-05-12
Outlook 2007 and 2010 prompt for password continuously.  After HOURS on the phone with Microsoft, we got this fix a few years ago for Office 2007 so it will not prompt for credentials continuously.  The fix is this registry entry:


This solved the password prompting issue, but I have noticed a problem when trying to update the global address list. (Office 2007: Tools>Send/Receive>Download Address book and then click ok.)
The process fails.  (See screenshot1.jpeg and screenshoot2.jpeg)

 Screen Shot 1
 Screen Shot 2
I did see where the Send/Receive windows say “Saving Sync Log” (screenshot1.jpeg), but I do not know where this is at.

When “Always prompt for login credentials” (under account setup) is checked, you can update the Global Address book without any problems.  (See attached screen shot screenshot3.jpeg)

 Screen Shot 3
The above registry entry does not work on Office 2010.  What I can understand is this is due to changes in 2010 on how it uses RPC.  I did discover this work around though:

When “Always prompt for login credentials” (under account setup) is checked, everything works fine.  User is not prompted for password (except the first time when they open outlook and you can update the Global Address book.

Please see the additional information below.

Any help is GREATLY appreciated.

Additional information:
1)      Client machines are Windows 7

2)      We have two Exchange servers.  One is Mailbox and Hub Transport.  The other is CAS.  Bother servers are dc, gc, and server 2k3 R2 SP2 64-bit.

3)      Exchange version on both servers is 8.3 (Build 83.6)

4)      We do not have a UCC.  I do think this is part if not all of the problem.  I am not familiar enough with exchange and IIS to request a certificate and then install it and setup everything correctly.  We did not do this when Exchange was setup due to issue with our domain being registered with another company.  This has all been resolved and we can do this now.  I am trying to get a contractor in to request, install, and setup the UCC.

5)      This shows up in System Log on all domain computers:  The server mentioned here is my CAS server:

The Kerberos client received a KRB_AP_ERR_MODIFIED error from the server host/jackson.hsisdad.local. The target name used was HTTP/jackson.HSISDAD.local. This indicates that the target server failed to decrypt the ticket provided by the client. This can occur when the target server principal name (SPN) is registered on an account other than the account the target service is using. Please ensure that the target SPN is registered on, and only registered on, the account used by the server. This error can also happen when the target service is using a different password for the target service account than what the Kerberos Key Distribution Center (KDC) has for the target service account. Please ensure that the service on the server and the KDC are both updated to use the current password. If the server name is not fully qualified, and the target domain (HSISDAD.LOCAL) is different from the client domain (HSISDAD.LOCAL), check if there are identically named server accounts in these two domains, or use the fully-qualified name to identify the server.
Question by:doug67coug
  • 3

Accepted Solution

Morasiva earned 1600 total points
ID: 36919766

  Check the below article...May be helpful to you.

Author Comment

ID: 36922226
@Morasiva:  That did have an affect on my global address book issue.  However the solution in the article does not work.  If I disable proxy settings all toghether, it works great!  If I add FQDN of CAS in bypass list it does not work.  Any idea?

Does anyone have an idea regarding the password prompting in Outlook 2010.  I do have a work around, but it is not a fix.

Assisted Solution

doug67coug earned 0 total points
ID: 36928333
Ok I found that changing my default gateway to my core switch instead of the firewall/proxy as the gateway allowed the before mentioned solution that Morasiva suggested to work with out any problems.

Author Closing Comment

ID: 36947433
Make sure you don't send any of the exchange web traffic through any type of proxy server.  Though it may not block the content, it may cause a long enough delay that Outlook will fail.

After instaling a new UCC and setting autodiscover to only use the domains sited on the certificate, my prompting for password issue was sovled

Featured Post

Upgrade your Question Security!

Your question, your audience. Choose who sees your identity—and your question—with question security.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

You finally migrated Public Folders to Office 365, decommissioned the Public Folder mailbox database and since then, when you send an email from on-premise to mail-enabled Public Folders, you get the following error: "Misconfigured public folder mai…
Exchange database can often fail to mount thereby halting the work of all users connected to it. Finding out why database isn’t mounting is crucial and getting the server back online. Stellar Phoenix Mailbox Exchange Recovery is a champion product t…
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …
Is your OST file inaccessible, Need to transfer OST file from one computer to another? Want to convert OST file to PST? If the answer to any of the above question is yes, then look no further. With the help of Stellar OST to PST Converter, you can e…
Suggested Courses
Course of the Month10 days, 23 hours left to enroll

571 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question