We help IT Professionals succeed at work.

Office 365 migrated user continuously receiving modern auth prompt to enter password.

103 Views
Last Modified: 2019-01-01
Hello Experts. In on-prem I have Exchange 2013 CU21, with AD2012. We use Azure AD Connect to sync our on-prem AD with Office 365, leverage Pass Through Authentication, and SSO is enabled on Azure AD Connect server. and are fully in Exchange Hybrid mode with centralized mailflow to Exchange Online. We have started migrating users from on-prem Exchange to Office 365. Users Outlook is connecting via Modern Authentication Protocol and Authn shows as Bearer* for Outlook client. I noticed that each day, 2 or 3 of our users that have been migrated get repeated (modern) authentication prompts from Outlook repeatedly. Some time clearing creds, and running Microsoft SARA tool fixes the issue, but sometimes it does not. For the time being, i have implemented the below reg key to disable modern auth on a few of these users, so Outlook uses basic authentication to connect to Office 365:

Reg Key: HKCU\SOFTWARE\Microsoft\Office\16.0\Common\Identity\EnableADAL
Type:  REG_DWORD
Value: 0

After implementing the above, Outlook no longer continuously prompts for passwords. Its strange that some users are getting this, while majority are just fine. About 2 or 3 different users that have been migrated complain of this issue daily, we have migrated about 300 of our users to Exchange Online so far.

Has anybody else encountered this issue. I'm wondering if this is an issue with Modern Auth in general, or is it related to something on the windows OS side, such as a missing update? I have tried recreated E-mail profile on local machine, reinstalled Office, clearing creds, restarting machine, removing work account from computer and then re-adding...etc...it seems to be a hit or miss with any of these solutions. sometimes none of these solutions work on a few users, and the RegKey has to be implemented.

Please let me know if you have seen this issue as well, and how to resolve it permanently. Thanks in advance.
modernauth.PNG
Comment
Watch Question

Author

Commented:
forgot to mention above....All the users that we migrated get Office click to run installed x64 bit. and are assigned an E3 license. and are on Windows 10 machines version 1803
CERTIFIED EXPERT
Most Valuable Expert 2015
Distinguished Expert 2019

Commented:
What's the Office version? There was a known issue with the new WAM stack on W10 machines, as detailed here: https://support.microsoft.com/en-my/help/4025962/can-t-sign-in-after-update-to-office-2016-build-16-0-7967-on-windows-1
This one is on us!
(Get your first solution completely free - no credit card required)
UNLOCK SOLUTION

Gain unlimited access to on-demand training courses with an Experts Exchange subscription.

Get Access
Why Experts Exchange?

Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.

Jim Murphy
Programmer at Smart IT Solutions

When asked, what has been your best career decision?

Deciding to stick with EE.

Mohamed Asif
Technical Department Head

Being involved with EE helped me to grow personally and professionally.

Carl Webster
CTP, Sr Infrastructure Consultant
Empower Your Career
Did You Know?

We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE

Ask ANY Question

Connect with Certified Experts to gain insight and support on specific technology challenges including:

  • Troubleshooting
  • Research
  • Professional Opinions
Unlock the solution to this question.
Join our community and discover your potential

Experts Exchange is the only place where you can interact directly with leading experts in the technology field. Become a member today and access the collective knowledge of thousands of technology experts.

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.