Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Outlook 2010 prompting for credentials

Posted on 2014-10-06
13
Medium Priority
?
150 Views
Last Modified: 2014-11-16
Hello,
I have an interesting issue with a group policy running on our new Windows 7 workstations.
Our setup is as follows:
Our server is running Windows Server 2003 with Exchange 2003.
Our old Windows XP workstations are running Office 2007.
Our new Windows 7 workstations are running Office 2010.

Our Windows XP workstations run fine with our current group policy but we have found that when we add our new Windows 7 workstations to the same policy Outlook 2010 stops connecting to the server after about a week and requests you type in a username and password. I have tried the users domain details but it fails to authenticate. The strange part is Outlook works for about a week and then just stops working after that it starts requesting for authentication details.

If I remove the workstation from the group policy and perform a “gpupdate /force” on the host then Outlook will once again connect to the server.

I have checked the event logs on the server and found the following events:
Event Type:      Failure Audit
Event Source:      Security
Event Category:      Account Logon
Event ID:      675
Date:            09/10/2014
Time:            11:29:58
User:            NT AUTHORITY\SYSTEM
Computer:      Server1
Description:
Pre-authentication failed:
       User Name:      sthompson
       User ID:            linkwon\ sthompson
       Service Name:      krbtgt/linkwon.COM
       Pre-Authentication Type:      0x0
       Failure Code:      0x19
       Client Address:      10.1.40.7

Does anyone know of any differences in Office 2010 that may be causing this issue where Outlook 2010 requests authentication?
0
Comment
Question by:Sc0t
  • 8
  • 5
13 Comments
 
LVL 13

Expert Comment

by:Rizzle
ID: 40363414
Could you share the Group Policy that is being applied with us for further review please?
0
 
LVL 13

Expert Comment

by:Rizzle
ID: 40363415
Also have you tried installing Office 2010 on a XP machine and then applying the GPO to it to see if its an issue with Office 2010?
0
 

Author Comment

by:Sc0t
ID: 40363667
Please see file attached of our GPO.
Win7-GPO.rtf
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 13

Expert Comment

by:Rizzle
ID: 40363879
Right I can see your policies controlling a lot of RPC Authentication methods which might be the cause.

Also i'm assuming this happens to all of the Windows 7 clients that are joined to the domain?

To ensure the issue is being caused by the GPO you attached, can you place the machine into an OU with no policies being received (Block Inheritance) then see if the issue still occurs, at least then we have ruled in/out the Group Policy being the issue. If the issue occurs without the GPO it maybe pointing to a client side issue maybe something like "Cached Exchange Mode" being enabled or a corrupt local mail profile (This would be highly unlikely)

Definitely install Office 2010 onto an XP machine and provide the result.

Also worth noting, that Outlook has  something in built which shows you all the connections it's making/attempting to make. To view it locate the notification area Outlook icon in the task bar (the icons on the right of the screen by the clock) and then ctrl+right-click to bring up a slightly different context menu, in there click Connection Status, then in here it will tell you where it is trying to connect to.

Also ensure that Office 2010 is updated up to SP1 which has fixes for this sort of issue.
0
 

Author Comment

by:Sc0t
ID: 40365672
Also i'm assuming this happens to all of the Windows 7 clients that are joined to the domain?
Answer: Yes it does.

When I remove the workstation from the group policy e.g. no GPO being applied then Outlook works fine.

Office is up to date with all the latest patches and has sp2 applied.
0
 
LVL 13

Accepted Solution

by:
Rizzle earned 1500 total points
ID: 40366806
I think the issue maybe to do with RPC authentication which seems to be getting controlled in the GPO. I recommend removing them one by one until the issue doesn't happen then at least you know what part of the GPO doesn't work.
0
 

Author Comment

by:Sc0t
ID: 40367906
Ok I will try removing the RPC authentication one by one and let you know the result.
0
 
LVL 13

Expert Comment

by:Rizzle
ID: 40380382
0
 

Author Comment

by:Sc0t
ID: 40382381
Hi Roshan,

We do not use a proxy on our network.
0
 
LVL 13

Expert Comment

by:Rizzle
ID: 40382434
Has anything come from removing the RPC parts from the GPO?
0
 

Author Comment

by:Sc0t
ID: 40384293
At the moment I am waiting for the issue to re-appear.
I have added two machines to the GPO in question but at the moment Outlook is working as expected.

The strange thing is previously it took about a month before the machines that were in this particular GPO stopped working and Outlook started requesting for authentication credentials.

As soon as we removed the machines from the GPO they all started working again.
0
 
LVL 13

Expert Comment

by:Rizzle
ID: 40384324
Right ok, its probably wise to do what I said,

I know its a pain but I've had to go through this many times even internally we agreed its not best to manage too many authentication settings (RPC's) via GPO as these issues can surface, if you implement them then you need to be prepared to do things like this to find out which setting is causing the problem.
0
 
LVL 13

Expert Comment

by:Rizzle
ID: 40384326
If you wanted you could put the Windows 7 machines in a separate OU and then exclude them from this policy (If it isn't required)
0

Featured Post

How to Use the Help Bell

Need to boost the visibility of your question for solutions? Use the Experts Exchange Help Bell to confirm priority levels and contact subject-matter experts for question attention.  Check out this how-to article for more information.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Are you using email marketing software? If not, you're missing out on effortless marketing and the reaching of desired conversion rates through email marketing software.
It’s a strangely common occurrence that when you send someone their login details for a system, they can’t get in. This article will help you understand why it happens, and what you can do about it.
The viewer will learn how to create a normally distributed random variable in Excel, use a normal distribution to simulate the return on an investment over a period of years, Create a Monte Carlo simulation using a normal random variable, and calcul…
If you’ve ever visited a web page and noticed a cool font that you really liked the look of, but couldn’t figure out which font it was so that you could use it for your own work, then this video is for you! In this Micro Tutorial, you'll learn yo…

972 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question