Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Outlook 2010 prompting for credentials

Posted on 2014-10-06
13
133 Views
Last Modified: 2014-11-16
Hello,
I have an interesting issue with a group policy running on our new Windows 7 workstations.
Our setup is as follows:
Our server is running Windows Server 2003 with Exchange 2003.
Our old Windows XP workstations are running Office 2007.
Our new Windows 7 workstations are running Office 2010.

Our Windows XP workstations run fine with our current group policy but we have found that when we add our new Windows 7 workstations to the same policy Outlook 2010 stops connecting to the server after about a week and requests you type in a username and password. I have tried the users domain details but it fails to authenticate. The strange part is Outlook works for about a week and then just stops working after that it starts requesting for authentication details.

If I remove the workstation from the group policy and perform a “gpupdate /force” on the host then Outlook will once again connect to the server.

I have checked the event logs on the server and found the following events:
Event Type:      Failure Audit
Event Source:      Security
Event Category:      Account Logon
Event ID:      675
Date:            09/10/2014
Time:            11:29:58
User:            NT AUTHORITY\SYSTEM
Computer:      Server1
Description:
Pre-authentication failed:
       User Name:      sthompson
       User ID:            linkwon\ sthompson
       Service Name:      krbtgt/linkwon.COM
       Pre-Authentication Type:      0x0
       Failure Code:      0x19
       Client Address:      10.1.40.7

Does anyone know of any differences in Office 2010 that may be causing this issue where Outlook 2010 requests authentication?
0
Comment
Question by:Sc0t
  • 8
  • 5
13 Comments
 
LVL 13

Expert Comment

by:Rizzle
ID: 40363414
Could you share the Group Policy that is being applied with us for further review please?
0
 
LVL 13

Expert Comment

by:Rizzle
ID: 40363415
Also have you tried installing Office 2010 on a XP machine and then applying the GPO to it to see if its an issue with Office 2010?
0
 

Author Comment

by:Sc0t
ID: 40363667
Please see file attached of our GPO.
Win7-GPO.rtf
0
Connect further...control easier

With the ATEN CE624, you can now enjoy a high-quality visual experience powered by HDBaseT technology and the convenience of a single Cat6 cable to transmit uncompressed video with zero latency and multi-streaming for dual-view applications where remote access is required.

 
LVL 13

Expert Comment

by:Rizzle
ID: 40363879
Right I can see your policies controlling a lot of RPC Authentication methods which might be the cause.

Also i'm assuming this happens to all of the Windows 7 clients that are joined to the domain?

To ensure the issue is being caused by the GPO you attached, can you place the machine into an OU with no policies being received (Block Inheritance) then see if the issue still occurs, at least then we have ruled in/out the Group Policy being the issue. If the issue occurs without the GPO it maybe pointing to a client side issue maybe something like "Cached Exchange Mode" being enabled or a corrupt local mail profile (This would be highly unlikely)

Definitely install Office 2010 onto an XP machine and provide the result.

Also worth noting, that Outlook has  something in built which shows you all the connections it's making/attempting to make. To view it locate the notification area Outlook icon in the task bar (the icons on the right of the screen by the clock) and then ctrl+right-click to bring up a slightly different context menu, in there click Connection Status, then in here it will tell you where it is trying to connect to.

Also ensure that Office 2010 is updated up to SP1 which has fixes for this sort of issue.
0
 

Author Comment

by:Sc0t
ID: 40365672
Also i'm assuming this happens to all of the Windows 7 clients that are joined to the domain?
Answer: Yes it does.

When I remove the workstation from the group policy e.g. no GPO being applied then Outlook works fine.

Office is up to date with all the latest patches and has sp2 applied.
0
 
LVL 13

Accepted Solution

by:
Rizzle earned 500 total points
ID: 40366806
I think the issue maybe to do with RPC authentication which seems to be getting controlled in the GPO. I recommend removing them one by one until the issue doesn't happen then at least you know what part of the GPO doesn't work.
0
 

Author Comment

by:Sc0t
ID: 40367906
Ok I will try removing the RPC authentication one by one and let you know the result.
0
 
LVL 13

Expert Comment

by:Rizzle
ID: 40380382
0
 

Author Comment

by:Sc0t
ID: 40382381
Hi Roshan,

We do not use a proxy on our network.
0
 
LVL 13

Expert Comment

by:Rizzle
ID: 40382434
Has anything come from removing the RPC parts from the GPO?
0
 

Author Comment

by:Sc0t
ID: 40384293
At the moment I am waiting for the issue to re-appear.
I have added two machines to the GPO in question but at the moment Outlook is working as expected.

The strange thing is previously it took about a month before the machines that were in this particular GPO stopped working and Outlook started requesting for authentication credentials.

As soon as we removed the machines from the GPO they all started working again.
0
 
LVL 13

Expert Comment

by:Rizzle
ID: 40384324
Right ok, its probably wise to do what I said,

I know its a pain but I've had to go through this many times even internally we agreed its not best to manage too many authentication settings (RPC's) via GPO as these issues can surface, if you implement them then you need to be prepared to do things like this to find out which setting is causing the problem.
0
 
LVL 13

Expert Comment

by:Rizzle
ID: 40384326
If you wanted you could put the Windows 7 machines in a separate OU and then exclude them from this policy (If it isn't required)
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Meetings to discuss business process can waste time, and often do .  The meeting's dialog can get confusing when participants have different professional perspectives and backgrounds.  A jointly-developed process picture helps wade through the confu…
As freelancing is becoming more and more common in the tech industry, certain obstacles are proving to be a challenge to those who are used to more traditional, structured employment. This article is meant to help identify such obstacles and offer a…
The view will learn how to download and install SIMTOOLS and FORMLIST into Excel, how to use SIMTOOLS to generate a Monte Carlo simulation of 30 sales calls, and how to calculate the conditional probability based on the results of the Monte Carlo …
In this Experts Exchange video Micro Tutorial, I'm going to show how small business owners who use Google Apps can save money by setting up what is called a catch-all email address in their Gmail accounts. By using the catch-all feature, small busin…

860 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question