Link to home
Start Free TrialLog in
Avatar of Mark Olivier
Mark OlivierFlag for United States of America

asked on

Outlook Asks for Password Every 24 Hours - We've tried everything!

Outlook asks for password every 24 hours. It may not be exactly 24 hours, but it is close. I know Outlook password issue is a common problem with a lot of different solutions, but we've tried everything we can think of. Microsoft support could not recommend anything we haven't already done. 


We were affected by the "security event" at Rackspace and we moved all our Hosted Exchange clients to O365. Since then, this is happening with one client only, but multiple PCs. The PC will display the message "Need Password" just above the taskbar and stops syncing. But entering the password does not fix it. The PC has to be rebooted for the problem to go away for 24 hours. Adding the password (which isn't actually missing or wrong) and restarting Outlook does nothing. 


We have deleted credentials in credential manager, ran the SaRA tool from Microsoft, enabled modern authentication, uninstalled and reinstalled Office, reversed the "ExcludeExplicitO365Endpoint" trick, did multiple suggested registry edits if we thought they applied, created new Outlook profiles, created new Windows user profiles, ran CHKDSK, DISM, SFC, and flushdns, we deleted the accounts in the Privacy and Security section of Windows. And, we thought for sure this would fix it - we did multiple clean Windows reinstalls. The problem persists. A simple reboot of the PC fixes it, but only for about 24 hours. 


This is happening only to PCs on the domain. Some users have their email set up in Outlook on their home PCs and those do not have this problem. I'm beginning to think this is somehow related to Group Policy, but don't see anything in there that might be causing this. I saw RODC entries in GP, but after reading up on what this is, it does not seem to be a possible cause. Also, and I have no idea if this is related, but several servers ago and several IT companies ago, this company had an on-premise Exchange server. AD has likely been migrated at each server replacement. So maybe something has been brought over that is interfering with MS O365? This is Server 2012 R2, fully patched, running as a VM in Hyper-V.


We are open to any suggestions and would really appreciate your input. We will try anything that hasn't already been tried, and will update here with results, but keep in mind we have to wait 24 hours or more before we know if the problem is actually resolved. 


Thank you.

Avatar of David Johnson, CD
David Johnson, CD
Flag of Canada image

i get the same problem occasionally and also have not found a solution. Perhaps Microsoft Support can help you since it is not just transitory but repeatable.

Since this happened after moving hosting, have you tried rebuilding the server from scratch? Hosting should allow you to try a new server as a possible solution.
Avatar of Mark Olivier

ASKER

David. It's kind of crazy how many different things we've tried. I did contact Microsoft earlier this week. I worked with the technician about 20-30 minutes, but he had no suggestions that we didn't already try. I think they are going to try to escalate, but I think that means a paid support ticket for Microsoft. But that's OK. At this point, we're getting a little desperate.

jhparizona - This is hosted by Microsoft, so I'm not sure how that would work. But we have quite a few other accounts on the same server with no issues. Only one client is having this problem, and only on the PCs connected to their on-premise domain. Their personal PCs with Outlook using the same email addresses have no problem.

Only rebooting the machine worked for me..  and it works for you.. with no cause or alternate fix from Microsoft as of yet. For me its just an occasional problem..  I think it may be subscription renewal related (client attempt to renew from subscription service)

there are solutions, in various situations ie for win11, win10 and also mac
but the fixing method are just 3 methods

1-fixing via registry editing  
> HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\AutoDiscover
>in the auto discover,  create  entry "ExcludeExplicitO365Endpoint" with value DWORD32Bit and value data =1  
>OR change the default with "ExcludeExplicitO365Endpoint" and edit value data =1
>restart your pc

2-fixing via reset credentials  in windows credential - i forgot this one

3- fixing via setting
> set the Security with UNTICK Always prompt for logon credentials

I can think of SCP connection. Worth checking out. Refer:
https://www.blogabout.cloud/2020/11/1942/
Ed Redd - We have tried items 1 and 2 that you list. We found multiple variations on the "ExcludeExplicitO365Endpoint" routine, including associated registry edits and particularly the one you list the steps for. Item 3, unticking for logon credentials, is grayed out and not adjustable on any of the PCs.

Amit - We will look into this one. Are you reading it as we should try removing ServiceBindingInformation by running the command
"Set-ClientAccessServer -AutoDiscoverServiceInternalUri $Null" ?
Setting the Client Access Server SCP to null is only the first step and only if you have an issue with the current SCP settings. Generally, unless you have multiple servers in different sites, you wouldn't run into this issue. You would still need to set it to the correct value after setting it to null and letting it replicate.
  If the setting is wrong, you can just change it with the Set-ClientAccessServer cmdlet.
Regarding: 3- fixing via setting
> set the Security with UNTICK Always prompt for logon credentials

What about the computers that are working such as home computers?

 Could there be a setting in the Group Policy regarding disabling this setting on the office computers?

Did you use the same Outlook profiles after moving? If so, try creating a new user profile to see if it fixes the problem. 

Adam - we created new Outlook profiles, then created new Windows profiles, and then did clean Windows reinstalls.

jhparizona - The home computers are also grayed out, as they are on other clients we have on O365. I think this is a default setting that can't be changed on O365 accounts. The "Always prompt for logon credentials" is unchecked, so there's really no need to find out why it is grayed out.
ASKER CERTIFIED SOLUTION
Avatar of Mark Olivier
Mark Olivier
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
We have had no further issues since I cleaned up AD and removed everyone from Denied RODC Password Replication Group. I am not certain if this specifically fixed it, because I did a fair amount of other AD and GP cleanup. Thank-you to everyone for your input.