I’ve been struggling with a problem for the past few days. I don’t have a fix yet, but I’ll continue to post things as I try them.
- Windows Domain network
- Two Windows servers.
- DHCP, DNS on the Win servers
- Exchange 2013 server hosted by Rackspace
- SonicWALL firewall
- Outlook 2010 (don’t ask), 2016 clients
- Client OS: Win 7, Win 8, Win 10.
About five minutes after Outlook starts and successfully connects to the Exchange server, a window pops up. The source is Windows Security, and it asks for a user name and password for the Exchange server:
With Outlook 2016 on Win 10, entering the user name and password results in another pop-up. Closing the window or hitting cancel results in another pop-up. The only way to continue working is to leave the pop-up open and click on another window, giving it the focus. During all this time, Outlook continues to indicate that it is connected to the Exchange server and to download messages, but it will not automatically download messages from POP3 servers that are also configured. Clicking on Send/Receive All Folders does do that, however.
With Outlook 2010 on Win 7, it’s worse. Entering the user name and password results in another pop-up. Closing the window or hitting cancel results in another pop-up. The popup always claims the focus, making it impossible to type anything into another program. During all this time, Outlook continues to indicate that it is connected to the Exchange server and to download messages, but it will not automatically download messages from POP3 servers that are also configured. Clicking on Send/Receive All Folders does do that, however.
This happened to one Outlook client. A day later, it happened to another client running a different version of Office on a different OS. Four days later, it happened on a third client.
Although the onset seems unpredictable, this is not an intermittant problem. Once it occurs on a client, it continues repeatedly on that client.
Microsoft says that any of the following could cause the problem:
- Outlook is configured to prompt you for credentials
- Incorrect password cached in credential storage
- Required Authentication Settings for outgoing server and incoming server
- Outlook Anywhere is not configured to use NTLM Authentication
- Corrupt Outlook profile
- Slow or unstable network connection
- Antivirus programs
- Shared calendars
Since this is happening on several — but not all — Outlook clients, I think that random corruption of a profile or credential is unlikely. My network connections appear to be stable and fast (50Mb/s over wired Ethernet, >20 Mb/s over WiFi.).
What I’ve tried:
Updating Outlook 2016. In this advisory:
Microsoft says that they’ve found and fixed a bug that causes the problem I’m seeing. I tried the update that they suggested. No change.
Making sure that “Always prompt for credentials” is not checked in the account settings. It wasn’t.
Removing credentials from Control Panel > Mail > User Accounts > Manage your credentials > Windows Credentials. No joy. This was the solution suggested by Rackspace tech support. I didn’t think it was a likely fix, since it seemed to assume that the credential corruption that would be handled by it was random, where it appears that something is affecting multiple Outlook clients.
Resetting the network time. This isn’t one that I found on the web, but I did notice that the local network time was wrong by a few minutes. I reset the time on the server, and rebooted the clients. No difference.
Rebooting the domain controllers and clients. I thought there could have been a DNS or DHCP problem. Apparently there wasn’t.
Flushing local DNS cache. From the command line, enter: “ipconfig /flushdns”. No effect.
Unchecking “Download Shared Folders” in Mail account settings. Nope.
Turning off shared calendars. Didn’t help.
Entering domain credentials into the pop-up, as opposed to Exchange server mailbox credentials. Didn’t fix the problem.
Turning off all Norton firewall, AV, and spam blocking. Nope.
Creating a new Outlook profile. No change.
Starting Outlook in safe mode. Some old same old.
Checking the SonicWALL logs for dropped packets. I set the SonicWALL packet monitoring for all packets. I started capturing, clicked OK in the pop-up window to send the stored password several times, and then turned off capturing. When I looked at the log with a filter for the client IP address, there were a few UDP multicast and broadcast packets dropped, but no other packets were dropped.
Checking for dropped packets and long latency on my LAN or my link to my ISP. This is with a Wi-Fi client, which is a worst-case:
I decided to try using manual control of Outlook/Exchange connection as a workaround. Setting the Outlook clients to “Work Offline” in all three cases produces the expected result: the pop-up windows stop. However, putting two of the clients back in to normal, connected, mode has caused the pop-ups to stop for more than an hour. In the third client, the Outlook 2010 one, the pop-ups came back when the client was set to normal connection mode. It’s going to be a little hard to troubleshoot this with only one client showing the problem…
After five hours, the pop-up window sprang into life on one of the Outlook 2016 clients. I closed it. It did not immediately reappear. After 12 hours, it had not reappeared, nor had it reappeared on the other Outlook 2016 client.
After three or four days, no more problems on the Outlook 2016 clients. Then I turned on a laptop with Outlook 2016 installed which, for a reason I don’t fully understand, had not updated its internal clock to the server’s time. Problem returned. And then it showed up on one of the formerly fixed Outlook 2016 clients. I rebooted the machine until it picked up the correct time, set it ot “work offline” mode, and dis the dame thing to the other Outlook 2016 client that had caught the disease. That fixed them both, at least so far.
So I think the root cause was the wrong server clock, which caused the client’s clocks to be wrong, which caused Exchange to reject part of the automatic client login (but, strangely enough, not the whole thing). I don’t know why toggling “work offline” fixes thing, but it appears to.
Rackspace sent me an interesting suggestion:
One thing we have found to be really successful in this situation is completely powering down every single device associated with the email address, changing the password in the control panel, and then slowly powering back on each device one by one and updating the password manually usually solves this issue.
This seems to be a more drastic solution for a problem where the Exchange server stops trusting Outlook clients and rejects their credentials. No word on why the iOS clients have sailed through all this brouhaha with no problems.
A week or so went by with no problems. Then I started getting pop-ups on one Outlook 2016 machine. After a couple of days, the same problem occurred on another Outlook 2016 instance connected to the same Exchange mailbox. This time, toggling Work Offline didn’t fix the problem. I even got the pop-up while working offline.