If you still experience password prompts on your Outlook clients after ruling out your third-party AV causing the issue, you should check the following registry key / value on your computer unless you have an Active Directory Group Policy Object (GPO) policy overriding your local computer. Please check with your IT admin if you have a GPO configured (Please Note, Zix/Appriver support cannot directly support GPO configurations).
- It must be set at least to a value of 3 which is Send NTLMv2 response only. If the key is not there the computer will default to a value of 3 unless you have an Active Directory GPO overriding the local computer.
If your admin is using Active Directory GPOs instead to set your security policy, please verify the following Policy location to ensure it is set to one of the supported values below. (Please Note, Zix/Appriver support cannot directly support GPO configurations).
Policy Name: Network security: LAN Manager authentication level
Unsupported values Send LM & NTLM responses Send LM & NTLM - use NTLMv2 session security if negotiated Send NTLM responses only
Supported values Send NTLMv2 responses only Send NTLMv2 responses only. Refuse LM Send NTLMv2 responses only. Refuse LM & NTLM Not Defined
Posted Mar 09, 2024 - 19:40 CST
Monitoring
We are getting reports of some users unable to log into Outlook desktop but can successfully log into Outlook Web Access.
There was a recent Microsoft Exchange security update that could be causing this impact if you are using an outdated non-supported version of Outlook or using an Anti-Virus service on your computer. Clients using AV that does endpoint protection of the Outlook connections could cause repeated login prompts as that would appear as a man-in-the-middle attack.
Please ensure you are currently running at least Outlook 2013 (that is fully updated) or newer. *Please note however, Outlook 2013 Microsoft end of life was on April 11th, 2023, so it is further recommended to run at least Outlook 2016 or newer*
If you have a third-party Anti-Virus service running on your computer, please temporarily disable the setting doing endpoint protection on Outlook connections through your AV, restart Outlook, then see if you can successfully log into Outlook. If successful, this indicates your AV could be running encrypted connection checks on Outlook connections or could be running an AV that needs to be updated.
We recommend to please contact your AV service provider / support team to report this issue for assistance.
Posted Mar 09, 2024 - 13:59 CST
This incident affected: Secure Hosted Exchange (Exchange 2013/2016+ (EXG7)).