Sign up for Office 365
Learn more about Office 365
We moved to Office365 last July, and have 100 users. We do not use any type of federation. The Office365 credentials are a seperate set consisting of their email address and a complex password.
Users are for the most part running Windows 7 and either Office 2007 or Office 2010. A handful still have Windows XP or Vista and run office 2007.
Occasionally when starting Outlook they are asked to enter their login credentials. If they have them, and put them in and check the box to "save my credentials" it will connect to the server and function normally for some time.
Then, on days like today, Ill suddenly have a mass (12+ of 100) users who are once again prompted to enter their password in order to authenticate to the Office365 environment, even though their password hasnt changed.
There really doesnt seem to be any rhyme or reason to it.
Surely this isnt expected behavior.
I believe the Cert is for 8hrs, and then it expires... So, after 8hrs it will re-ask you.. i think this is normal behavior
I think thats it..ill do some more digging
David Petree - Microsoft MCC/MCP
Solutions Engineer - AppRiver
Hi YLTO - Eric Price,
AppRiver_DPetree's reply is a possible reason. I would also suggest you try to fix it by re-running the desktop set up, and this will update the sign-in assistance module for Office 365. In addition, the issue might be caused by the related users password expired too. Please check if they can login Outlook Web App(OWA) normally.
We have not heard from you in a couple of days.
Is there any update of this issue?
Well, Im not sure what you mean by "cert" and it only lasting for 8 hours. These users access their email via Outlook, and its not uncommon for them to go weeks or even months without being asked for their O365 credentials (which frankly, most dont know). I have SOME users though who are asked nearly every day (and no, they dont have the option requiring them to be asked checked inside Outlook). I have reinstalled the Office 365 web download but honestly wont know if it fixed the problem until this happens again, which could be days, or could be weeks from now. Weve used powershell to intentionally disable password expiration, and if the person KNOWS their password then yes, they have no issues logging in to the portal.microsoftonline.com website. Ive seen several others ask this or similar questions, and Ive yet to see what I believe is the proper response. I know I wont be selling any more O365 product until I get this matter resolved, as it is troublesome and embarassing at this point.
If you want to close the ticket do whatever you want, but honestly no - i think the answer does NOT solve the problem.
YLTO - Eric Price ,
Why would you stop selling O365 because of an Outlook problem?
If you search the web or even just the MS site, you will see have been asking about this since Outlook 2007. I get now and then for both my O365 account and my msn email account, sometimes it will go months, sometimes weeks.
Hope this helps
Robert - like my customers (and as mch indicates above), I dont really care whether its an outlook problem or an office 365 / hosted exchange problem. Its a problem, and I cant seem to make it go away.
When the customer had their own (admittedly less feature rich) POP3/IMAP server they were never prompted for credentials when using Outlook. Ever. Nor can I think of a single instance in 15+ years where anyone I supported using Outlook had this type of issue UNTIL I began moving customers to Office 365.
Thank you for your detailed feedback on the result of the issue.
Firstly, I would like to let you know that there isn’t a closed status for the thread posted in the forum. The Community members or the Moderator team will follow up with each question posted in Office 365 Forum. As the question you posted here, we will continue working it with you to find the root cause and fix it.
It seems that the “cert” expires after 8 hours mentioned by AppRiver_DPetree means HTTPS/SSL time-out set to 8 hours. This setting applies to Office 365 Outlook Web App.
To troubleshoot the issue, you can refer the following methods:
1. Check steps in the article “Outlook 2007 prompts you repeatedly for a password under certain network conditions”
2. Remove Office 365 account and add it again manually.
If the issue persists, please provide detailed information about the situation.
In addition, thanks for mch and Robert’s efforts.
http://webbrewers.com/ | | Get more out of Office 365
Thank you for your good questions. I understand that you prefer the cert or token (or whatever) function should function in the same way for Outlook client and Outlook Web App. As to the feature you discussed here, to make it better meet your requirements, you can submit your feedback or post a new question about your detailed concern or question about this point.
Hi, regarding the initial issue, it is not expected for Outlook to prompt if the user's password has not expired or changed and the user has checked 'Remember my password' in Outlook which stores it in the secure credential manager in Windows. Have you checked on both these aspects? Was the user prompted multiple times or only once. If the problem is not being seen and does happen again, it would be great if for the same user account you could provide the following details:
1. Does OWA work with the credential?
2. If Lync is being used, does it prompt in 24 hours of the issue?
On a separate note, Outlook does not use certificates for user authentication. When you use OWA there is a session cookie that is applied which is valid when the user's browser session has not been closed or the user has not explicitly called sign-out.
It really doesn't matter-the OP is saying he has a bunch of users who access their email in different ways which is to be expected in any office.. Why is the experience different for different users?
SamuelD - All of the machines, regardless of whether they are running XP Pro, Vista Ultimate, or Windows 7 Pro and regardless of whether they are using Office 2007 Std or Office 2010 Std experience this issue from time to time in our implementation of 100 users. Last week just happened to be the first time it happened en masse (more than 20% of all accounts prompted the user for his Exchange password upon entering Outlook all on the same day).
Password expiration has actually been disabled with powershell.
In none of the cases had the password expired or been changed. In a few instances accounts became locked because the user input the incorrect password too many times, requiring us to go unlock the account by visiting the portal.microsoftonline.com site with their credentials and inputting them along with the captcha code.
OWA as always continues to work with these credentials
Lync is not being used.
In all cases putting the correct password in and checking the box remember my credentials allows the Outlook client to connect to Exchange properly for a period of time. Several of our users are prompted nearly every day for their credentials, while some go weeks or even months before being prompted. If there is a pattern, I havent noticed it yet.
I've been experiencing the same problem, and after searching some time I found a link between server changes and credential requests.
Checking a users Credential manager I noticed that every time the user had to reenter his password the Outlook server had changed. Since we migrated to office 365 we've had 7 different servers (pod51009.outlook.com, ch1prd0402.outlook.com, ch1prd0404.outlook.com, ch1prd0410.outlook.com, sn2prd0402.outlook.com, sn2prd0404.outlook.com, sn2prd0410.outlook.com)
I tried to enter credentials using a wild card "*.outlook.com" but this is totaly ignored and the user password is requested anyway.
I hope this can point to a possible solution, because I am starting to fnd it also hard to explain to management why they keep having to re enter there passwords at random times.
Please take this problem seriously.
" like my customers (and as mch indicates above)"
I guess they didn't like whatever I "said" because my "forum post was deleted by a moderator". They must be sensitive about having real usability issues like this raised.
You can see what was deleted here.