Outlook 365 in on prem domain joined terminal server asking for users 365 password every time they log on to the terminal server.

Question

Outlook 365 in on prem domain joined terminal server asking for users 365 password every time they log on to the terminal server.

AngryViking32 46

Quite a specific issue
We have an environment set up like so:

On prem AD with local domain that is synced to azure.
The terminal servers are joined to the local domain.
Users use local domain creds to log on to the terminal server.
They are on a farm and use standard windows profile disks - no fslogix (and its not going to happen. We have had a Bad Time™ with it in the past).
Mail accounts are all on exchange online.
Credentials for local domain and azure are synced so they have the same username and password in both.

the issue we are having is:
When a user logs into a terminal server on the farm and opens Outlook, they are prompted to enter their exchange online account credentials.
Closing and opening Outlook within that session does not re-prompt for creds.
If the user logs out of the terminal server, then logs back in and opens Outlook, they are again prompted for credentials.
Nothing appears to be getting saved to credential manager.
We have tried everything from these articles already:
https://learn.microsoft.com/en-us/microsoft-365/troubleshoot/authentication/automatic-authentication-fails
https://learn.microsoft.com/en-us/outlook/troubleshoot/authentication/password-prompt-at-every-start-or-cannot-create-profile
https://learn.microsoft.com/en-us/answers/questions/597147/office-365-outlook-keeps-asking-o365-credentials-e.html
https://community.spiceworks.com/topic/2358308-office-365-on-rds-requiring-sign-in-each-time-a-user-connects

Edit: We have also re-created the user profile by removing the UPD, we also re-created the outlook profile.

Faery Fu-MSFT 19,751 Reputation points Moderator

2022-12-07T08:35:29.757+00:00
Hi @AngryViking32 ,

Considering that the users are probably not allowed to save credentials in Remote Desktop Connection, you need to enable that feature.
For how to do this, please refer to BPatti's reply in this thread: http://answers.microsoft.com/en-us/windows/forum/windows_7-security/remote-desktop-connection-not-using-saved/13a17d84-b008-4767-95fb-b891e9e6bc66

How do you re-create outlook profile? Try to create profile from control panel (Mail > Show Profiles > Add) and manually configure your account to see if it works: When adding account to Outlook, in Connect Account page, select “Let me set up my account manually”.

If above methods do not work, please run “Outlook Autodiscover” test in this link to check if it can pass the test: https://testconnectivity.microsoft.com/ ->Exchange Server->Outlook Autodiscover.
Faery Fu-MSFT 19,751 Reputation points Moderator

2022-12-13T08:06:27.52+00:00

Hi @AngryViking32 ,
It has been a while and I am writing to see how things are going on with this issue. Have you had a chance to check the replies provided? Any update would be appreciated
ChristyZhang-MSFT 26,126 Reputation points Microsoft External Staff

2022-12-27T07:06:29.417+00:00

Hi @AngryViking32 ,

It has been a while and I am writing to see how things are going on with this issue. Have you had a chance to check the replies provided? Any update would be appreciated.

3 answers

Your answer

Faery Fu-MSFT 19,751 Reputation points Moderator

2022-12-07T08:35:29.757+00:00

Hi @AngryViking32 ,

Considering that the users are probably not allowed to save credentials in Remote Desktop Connection, you need to enable that feature.
For how to do this, please refer to BPatti's reply in this thread: http://answers.microsoft.com/en-us/windows/forum/windows_7-security/remote-desktop-connection-not-using-saved/13a17d84-b008-4767-95fb-b891e9e6bc66

How do you re-create outlook profile? Try to create profile from control panel (Mail > Show Profiles > Add) and manually configure your account to see if it works: When adding account to Outlook, in Connect Account page, select “Let me set up my account manually”.

If above methods do not work, please run “Outlook Autodiscover” test in this link to check if it can pass the test: https://testconnectivity.microsoft.com/ ->Exchange Server->Outlook Autodiscover.
Faery Fu-MSFT 19,751 Reputation points Moderator

2022-12-13T08:06:27.52+00:00

Hi @AngryViking32 ,
It has been a while and I am writing to see how things are going on with this issue. Have you had a chance to check the replies provided? Any update would be appreciated
ChristyZhang-MSFT 26,126 Reputation points Microsoft External Staff

2022-12-27T07:06:29.417+00:00

Hi @AngryViking32 ,

It has been a while and I am writing to see how things are going on with this issue. Have you had a chance to check the replies provided? Any update would be appreciated.

Answer 1

Laurin Bernet 5

Hi all

I got the same issue, and not just in one environment..

We've got the exacte same setup as @AngryViking32 discribed above.

The registry key, as well as link from @Faery Fu-MSFT couldn't resolve the issue.

With Terminal Server 2019 I was able to circumvent the error with a Powershell Script, which is coping the "C:\Users\username\AppData\Local\Packages\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy\AC" folder to a networ share when loging of and when loging back on copying the folder from the share back to the user's AppData (replacing the existing folder). I assume the Problem is, that this folder is somehow recreated when loging on the TS. For whatever reason... But if someone has a real solution for this error I would be very greatful.

Andi 0 Reputation points

2023-10-19T11:47:09.24+00:00

Hi @Laurin Bernet

We currently have the same problem and we can't switch to FS Logix "yet" for various reasons, FS Logix should obviously be able to solve the problem. Would it be possible that you could provide this PS script so that I can implement a workaround for me?

Thanks for the help.

Thanks,

Andi

All good. Could write a script for it myself. Please ignore > Can not find a delete function to delete the comment...

Answer 2

Hi,

Thank you for posting your query.

Kindly follow the steps provided below to resolve your issue.

Create the following registry key to force Outlook to use a newer authentication method for web services, such as EWS and Autodiscover. We recommend that users force Outlook to use Modern Authentication.

Exit Outlook.

Start Registry Editor by using one of the following procedures, as appropriate for your version of Windows:

Windows 10, Windows 8.1, and Windows 8: Press Windows Key + R to open a Run dialog box. Type regedit.exe, and then press Enter.

Windows 7: Click Start, type regedit.exe in the search box, and then press Enter.

In Registry Editor, locate and click the following registry subkey:

ConsoleCopy

HKEY_CURRENT_USER\Software\Microsoft\Exchange

On the Edit menu, point to New, and then click DWORD Value.

Type AlwaysUseMSOAuthForAutoDiscover, and then press Enter.

Right-click AlwaysUseMSOAuthForAutoDiscover, and then click Modify.

In the Value data box, type 1, and then click OK.

Exit Registry Editor

Go to this link for your reference and other troubleshooting procedures https://learn.microsoft.com/en-us/outlook/troubleshoot/authentication/outlook-prompt-password-modern-authentication-enabled

https://learn.microsoft.com/answers/questions/597147/office-365-outlook-keeps-asking-o365-credentials-e.html

-----------------------------------------------------------------------------------------------------------------------------

If the answer is helpful kindly click "Accept as Answer" and up vote it.

Answer 3

M. van Ast | Accept Systems B.V 0

Hi all,

We have the exact same environment with Outlook 365 and Windows Server 2019 with UPD.

The RDS servers are having this issues since they where upgraded form Server 2016 to server 2019.

If someone has a better solution than the copy folder I would be really greatful.

Thanks,

Michel

Share via

Outlook 365 in on prem domain joined terminal server asking for users 365 password every time they log on to the terminal server.

3 answers

Your answer