Kerberos - client has TGT, but prompted for password when accessing share.

I'm getting ready to deploy Leopard to my client base and I'm doing final testing. I have a magic triangle/cylinder of destiny situation, using Active Directory and Open Directory running on 10.5.2.
With a 10.5.2 client bound to both directories, I can log in to the client machine with an AD account, however when I try to connect to a file share, I am prompted for name & password. I checked /System/Library/CoreServices/Kerberos, and I have a TGT.
I'm stumped as to why I'm being prompted when I have a TGT. Any ideas?

Go back to the basics. Time and DNS. Make sure all servers are using the same time server (OD box points to AD domain controller - use ntpq -p to confirm time sync). Make sure forward and reverse resolve works for all servers in the chain. If this all checks out, then look at your AFP service settings or temporarily launch SMB and see if it will issue a service ticket.
You are talking to two different machines but with a common auth point. The first process, getting the TGT is entirely devoted to communication with the AD domain. The KDC in AD agreed that you are who you claim to be and that you can be trusted, thus granting you access to domain resources. The next step is attempting to access a resource on a server that you believe to be part of the trust. In this case, an OS X Server running AFP (assumably). In this case, the OD system needs to be configured as a domain member of the AD environment and all services "Kerberized". This is an area in which Apple needs a little work under Leopard. Tiger was so easy. I've had better luck using dsconfigad's enablesso than with the GUI tools.
However, assuming that you performed all the usual steps, first review the contents of your edu.mit.kerberos file and make sure that Leopard did not rewrite the file and place the OD system in as the KDC. That is all wrong. Next, take a look at your principals by using klist -k. Is the realm information correct? And finally, review the settings in the afp configuration file. The realm information in that file is often messed up if you launch AFP before you have the server bound up properly.
My guess is that the OD box thinks it is the KDC and you will likely need to manually edit the edu.mit.kerberos file and force the file to be static (remove the third and fourth lines). This is common if you joined the AD domain and then promoted the server to OD Master.
Hope this helps
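
The edu.mit.kerberos checks described in the reply above, as an added example that is not part of the original post: a shell function that reports whether the file is still auto-generated and whether the default realm's KDC sits outside the AD DNS suffix. The realm, host names, DNS suffix and the wording of the marker comments are constructed assumptions.

```shell
#!/bin/sh
# Added example: audit a Kerberos client config (on Leopard,
# /Library/Preferences/edu.mit.kerberos) for the two problems named above:
#   1. the file is still auto-generated, so manual fixes get rewritten
#   2. the KDC of the default realm is not an AD domain controller
# Usage: audit_krb5_conf FILE AD_DNS_SUFFIX   (returns 1 if anything is flagged)
audit_krb5_conf() {
    awk -v suffix="$2" '
    function key(s) { sub(/[ \t]*=.*$/, "", s); sub(/^[ \t]+/, "", s); return s }
    function val(s) { sub(/^[^=]*=[ \t]*/, "", s); sub(/[ \t]+$/, "", s); return s }
    BEGIN { suffix = tolower(suffix); bad = 0 }
    # Marker comments of a managed file (assumed wording, matched loosely).
    /^#.*autogenerated from/ || /^#.*generation_id/ { managed = 1 }
    /^[ \t]*[#;]/ || /^[ \t]*$/ { next }
    /^[ \t]*\[/ {
        section = $0; sub(/^[ \t]*\[/, "", section); sub(/\].*$/, "", section); next
    }
    section == "libdefaults" && key($0) == "default_realm" { default_realm = val($0) }
    section == "realms" && index($0, "{") { realm = key($0); next }
    section == "realms" && index($0, "}") { realm = ""; next }
    section == "realms" && realm != "" && key($0) == "kdc" {
        host = tolower(val($0))
        sub(/:.*$/, "", host)      # drop a ":88" port
        sub(/\.$/, "", host)       # drop a trailing root dot
        kdcs[realm] = kdcs[realm] " " host
    }
    END {
        if (managed) { print "WARN file is auto-generated; manual edits will be rewritten"; bad = 1 }
        if (default_realm == "") { print "FAIL no default_realm in [libdefaults]"; exit 1 }
        n = split(kdcs[default_realm], list, " ")
        if (n == 0) print "INFO no kdc listed for " default_realm
        for (i = 1; i <= n; i++) {
            h = list[i]
            if (substr(h, length(h) - length(suffix) + 1) == suffix)
                print "OK   " default_realm " kdc " h
            else { print "FAIL " default_realm " kdc " h " is not under " suffix; bad = 1 }
        }
        exit bad
    }' "$1"
}

# Constructed sample: the OD server has been written in as the KDC.
sample=$(mktemp)
cat > "$sample" <<'EOF'
# WARNING This file is automatically created, if you wish to make changes
# delete the next two lines
# autogenerated from : /LDAPv3/127.0.0.1
# generation_id : 0
[libdefaults]
    default_realm = AD.EXAMPLE.COM
[realms]
    AD.EXAMPLE.COM = {
        kdc = odserver.example.com:88
    }
EOF
audit_krb5_conf "$sample" .ad.example.com || echo "-> edu.mit.kerberos needs attention"
rm -f "$sample"
```

Run it against the client's and the server's copy of the file, then confirm the keytab with klist -k as the reply suggests.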

Similar Messages

  • Outlook 2007 Clients Prompt For Password When Opening

    I am running Exchange 2007 Standard.  New outlook 07 clients prompt for password each time it is opened.  Older clients do not prompt for password.  Is there any way for outlook 07 to not prompt for password?  Users already logged into domain, should their credentials not be recognized automatically like with outlook 03?

    This fixed it for me.
    http://social.technet.microsoft.com/Forums/en-US/exchangesvrgeneral/thread/383d130e-869f-4fce-9502-8b340904b0ba/#636c5a5e-c61f-414b-8e85-562c888b83cc
    Quote:
    Same problem here after restarting SBS 2008 for upgrades (annoying login box popping up after starting Outlook and also other times). 
    This solved the problem for me:
    IIS Mgr on SBS 2008 / - / SBS Web Applications /
    - SSL Settings / Client certificates - Stop / Start web server after changing settings: 
    Autodiscover: Ignore 
    EWS: Ignore 
    OAB: Accept *) 
    owa: Accept *) 
    Rpc: Accept *) 
    RpcWithCert: Accept *) 
    *) All these have to be Accept to get rid of login box 
    Best regards 
    Bjorn
    I was having the same issue. SBS2008, Exchange 2007. Only being prompted in Outlook 2007 clients. Tried a lot of different things to fix it, but none worked. This started happening after a round of security updates but I could not find KB2412171 on the list.

  • SharePoint prompting for password when saving word document

    Saving a word document back to SharePoint always prompts for credentials.
    I am the administrator for a SharePoint farm. We have enabled kerberos, and added the portal to the intranet zone in Internet Explorer by group policy. Most of the time this limits the amount of password prompts our customers see (including viewing the portal in a browser, and opening documents); however, we are still getting the prompt for credentials when trying to save a word document back to SharePoint.
    Here are some details: - SharePoint 2010 - Word 2010 - Kerberos enabled - Portal added to intranet zone in IE - Checkbox for passing automatic credentials enabled
    Can anyone help? Is there something I've missed? Is this prompt just unavoidable?

    Hi,
    Internet Explorer uses the Web Client service when you use Internet Explorer to access a WebDAV resource. The Web Client Service uses Windows HTTP Services (WinHTTP) to perform the network I/O to the remote host. WinHTTP sends user credentials only in response to requests that occur on a local intranet site. However, WinHTTP does not check the security zone settings in Internet Explorer to determine whether a Web site is in a zone that lets credentials be sent automatically.
    Click Start, type regedit in the Start Search box, and then press ENTER.
    Locate and then click the following registry subkey:
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WebClient\Parameters
    On the Edit menu, point to New, and then click Multi-String Value.
    Type AuthForwardServerList, and then press ENTER.
    On the Edit menu, click Modify.
    In the Value data box, type the URL of the server that hosts the Web share, and then click OK.
    Note: You can also type a list of URLs in the Value data box. For more information, see the "Sample URL list" section in this article.
    Exit Registry Editor.
    After this registry entry is created, the WebClient service will read the entry value. If the client computer tries to access a URL that matches any of the expressions in the list, the user credential will be sent successfully to authenticate the user, even if no proxy is configured.
    Note: You have to restart the WebClient service after you modify the registry.
    Reference: http://support.microsoft.com/kb/943280?wa=wsignin1.0
    -Ivan
    Ivan Sanders My LinkedIn Profile,
    My Blog,
    @iasanders.

  • Prompted for Password when Moving Item to Trash

    Whenever I attempt to send anything from my Startup Disk to the Trash (This problem only happens when moving to the trash from the Startup disk, not with my external hard drive or any USB drives attached) it prompts for my Administrator Username and Password. When I do that, the file then skips the trash and is deleted immediately. Items already in the trash are seemingly unaffected.
    I did some research online, which led me to believe it might be my trashes.db file. I followed some steps to fix this file in the UNIX Terminal, but I can't do that without a SU (SuperUser) account, so I enabled the root account and used that for the repair. However, nothing has changed and I am continuing to see this problem.
    I am running OS X Lion, 10.7.2, and it is a 2010 Mac Mini. I am an administrator account and I have access to UNIX sudo commands through the root user set up on my computer. Any help would be greatly appreciated.

    Thanks to both for your replies.
    Eric,
    Thanks much for that link and the Apple Token workaround. That did the trick!
    Thanks a lot for your help.
    Best,
    Andre

  • Outlook 2013 repeatedly prompts for password when connecting to Exchange Server 2010

    I am trying to configure Outlook 2013 on a Windows 8.1 Pro client.  The exchange server is 2010 SP1 and works just fine with OL 2010.
    When I configure OL 2013, the configuration prompts for a password for the account repeatedly with both NTLM and Basic Authentication chosen.  OL 2013 tries to connect and then it disconnects with the password for the account repeatedly prompted. When the credentials are entered, the prompt reappears immediately.
    Might anyone help?
    Many thanks in advance
    Shuvo

    Hi Shuvo,
    Please check whether this user can access the mailbox in OWA. Please manually set up this account in Control Panel to have a try. Make sure your Server name and User name are configured correctly. If you are configuring the account in an internal domain environment, please click More Settings, set Negotiate Authentication in the Security tab and uncheck Connect to Microsoft Exchange using HTTP in the Connection tab.
    If there are any updates, please feel free to let us know.
    Thanks,
    Winnie Liang
    TechNet Community Support

  • Stop prompting for password when uninstalling an application

    Is there any way to turn off OS X from prompting for my password when deleting/uninstalling an application?

    This is a security feature I would not want to disable. In addition to helping prevent accidentally deleting an app, it also protects against potential installation of nefarious malware.
    True, it is a little bit of inconvenience, but, really, how often is it necessary to uninstall something?

  • Ipad not prompting for password when trying to access a wireless router

    bought new ipad cannot access internet thru wireless router have 2 iphones that work.  try to access a protected wireless network but is not asked for password just told cannot access.

    This link may be helpful.
    http://support.apple.com/kb/TS1398

  • IMAP users continually prompted for password when switching folders

    I've sifted through /var/log/mailaccess.log and I notice the following message is logged when the above behavior occurs:
    Jan 19 00:59:49 hostname imap[3879]: badlogin: [XXX.XXX.XXX.XXX] GSSAPI [SASL(-13): authentication failure: user username is not allowed to proxy]
    XServe Dual G5   Mac OS X (10.4.8)   latest updates as of 1/19/07

    to elaborate on this issue a bit more.
    This issue seems to be isolated to imap clients only and started occurring two days ago on a server that has worked great for a long time. The exception is Squirrelmail which works flawlessly (Thunderbird, entourage, mail.app, etc. seem to have the problem)
    The only change (that we are aware of) is a shift in the spamassassin kill rates (from 7 to 6). However reverting this doesn't help.
    A user can log into their imap account without problem but when navigating to a different iMap folder the authentication information is sent, fails and reprompts then for their credentials. The second attempt (retyping of the password) works and they see their email.
    The problem seems to be isolated to a few users and does not affect everybody. We can not find a commonality between them though.
    The error message (posted above) is what we see in the log files. We see this in
    system.log
    asl.log
    if it helps we are also getting some skiplist errors in mail.log
    "Message skiplist: recovered"
    Finally we ran all of the latest updates and are fully "upped" so to speak.
    postconf -n
    alias_maps = hash:/etc/aliases,hash:/var/mailman/data/aliases
    command_directory = /usr/sbin
    config_directory = /etc/postfix
    content_filter = smtp-amavis:[127.0.0.1]:10024
    daemon_directory = /usr/libexec/postfix
    debug_peer_level = 2
    default_process_limit = 75
    disable_vrfy_command = yes
    enable_server_options = yes
    html_directory = no
    inet_interfaces = all
    local_recipient_maps =
    luser_relay = undeliverable
    mail_owner = postfix
    mailbox_size_limit = 0
    mailbox_transport = cyrus
    mailq_path = /usr/bin/mailq
    manpage_directory = /usr/share/man
    message_size_limit = 0
    mydestination = $myhostname,localhost.$mydomain,localhost,youthchannel.org,mnn.org
    mydomain = mnn.org
    mydomain_fallback = localhost
    myhostname = mail.mnn.org
    mynetworks = 127.0.0.0/8,192.168.0.0/16,216.164.83.166/32
    mynetworks_style = host
    newaliases_path = /usr/bin/newaliases
    owner_request_special = no
    queue_directory = /private/var/spool/postfix
    readme_directory = /usr/share/doc/postfix
    recipient_delimiter = +
    sample_directory = /usr/share/doc/postfix/examples
    sendmail_path = /usr/sbin/sendmail
    setgid_group = postdrop
    smtpd_client_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_rbl_client cbl.abuseat.org, reject_rbl_client bl.spamcop.net, reject_rbl_client sbl-xbl.spamhaus.org
    smtpd_data_restrictions = permit_mynetworks, reject_unauth_pipelining, reject_multi_recipient_bounce, permit
    smtpd_helo_required = yes
    smtpd_helo_restrictions = permit_sasl_authenticated, permit_mynetworks, check_helo_access hash:/etc/postfix/helo_access, reject_non_fqdn_hostname, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_invalid_hostname
    smtpd_pw_server_security_options = login,plain,cram-md5,gssapi
    smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_non_fqdn_hostname, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unknown_sender_domain, reject_unauth_destination, reject_unlisted_recipient, reject_rbl_client sbl-xbl.spamhaus.org, reject_rbl_client cbl.abuseat.org, reject_rbl_client bl.spamcop.net, permit
    smtpd_reject_unlisted_recipient = yes
    smtpd_sasl_auth_enable = yes
    smtpd_sender_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unknown_address, reject_unknown_sender_domain, reject_non_fqdn_sender, permit
    smtpd_tls_cert_file = /etc/certificates/Default.crt
    smtpd_tls_key_file = /etc/certificates/Default.key
    smtpd_use_pw_server = yes
    smtpd_use_tls = no
    strict_rfc821_envelopes = yes
    unknown_address_reject_code = 554
    unknown_client_reject_code = 554
    unknown_hostname_reject_code = 554
    unknown_local_recipient_reject_code = 550
    Thanks for any insight.
    xServe Dual G5 Mac OS X (10.4.8) powerbooks, ibooks, imacs, n' more

  • Prompted for password when opening icloud mail

    Hi,
    I downloaded Mavericks a week or so ago and everything's fine except one glitch:
    Whenever I open the Mail app, it prompts me to enter my password before retrieving anything. As soon as I enter my password it connects to iCloud fine. Under Preferences (General account tab) there is a password slot into which the password can be entered. But when I do that, and then save the changes, it doesn't retain the information. When I re-open the Mail app, the same prompt re-appears. When I check Preferences, the password slot is still empty.
    I also have a pop account separate from iCloud IMAP, and that works just fine. Like it did under Mountain Lion.
    Is there some kind of glitch still? I downloaded today the 11-08-2013 Maverick mail update from the App store, but that didn't solve this particular problem. It appears to be related to GMail accounts only anyway.
    Any thoughts on how I can get the Mail app to retain my password info for the iCloud account so that I don't have to keep re-entering it?
    Many TIA for any hints!
    (P.S: My machine is a 2012 15" RD MacBook Pro)

    Thanks to both for your replies.
    Eric,
    Thanks much for that link and the Apple Token workaround. That did the trick!
    Thanks a lot for your help.
    Best,
    Andre

  • Mac users prompted for password when reading PDFs from Internet

    We produce PDFs with a randomly generated password to "protect" them from being edited.
    Periodically, we get complaints from Mac users who, upon clicking the PDF link, are prompted to enter the password.  My guess at this point is that they have Acrobat (not Reader) installed and it's wanting to open the PDF in an editable mode by default. 
    Does this sound correct?
    What instructions should we give them to work around this issue?  Is there a settings change for this (least desirable) or a Ctrl-Click sequence to get it in "read-only" mode?
    We're not Mac folks -- don't have one in-house -- so we haven't had an environment to experiment in.
    BTW:  The issue is with our clients' customers so we need something fairly non-technical for directions.
    Thanks, Scott

    Scott, Check your private messages.

  • How to disable the prompt for password when receiving a call on Lync mobile on iPhone

    We are doing a pilot on Lync 2013.  We have mobile phones: i Phones.
    When we are receiving a call, we are prompted to enter password to take the call, which in certain cases, might be a real irritant.  Is there a way to bypass, or simply removing this prompt?

    I am not aware of any password to receive calls (and certainly there's no option I am aware of within Lync mobility policy settings)
    Is this a phone password (i.e. such as the PIN code) or do you enter your AD password? 
    If it's the phone password then you can turn it off through Settings > Passcode, unless it set by company policy (i.e through ActiveSync policies in which case this is set through Exchange). Bear in mind that if it is your phone password then you'll have no security on your phone.
    If this helped you please click "Vote As Helpful" if it answered your question please click "Mark As Answer"
    Georg Thomas | Lync MVP
    Blog www.lynced.com.au | Twitter
    @georgathomas
    Lync Edge Port Check (Beta)

  • Gnome screen lock does not prompt for password

    Whenever I lock my screen under gnome, I am never prompted for password when unlocking.
    Does anyone know how to solve this issue?

    Do you have fprintd installed? I ask because I found the following openSUSE bug report: http://lists.opensuse.org/opensuse-bugs … 01518.html

  • 3?'s: Message today warning lack of memory when using Word (files in Documents) something about "idisc not working" 2. Message week ago "Files not being backed up to Time Capsule"; 3. When using Mac Mail I'm prompted for password but none work TKS - J

    3 ?'s:
    1  Message today warning lack of memory when using Word (files in Documents) something about "idisc not working"
    2. Message week ago "Files not being backed up to Time Capsule";
    3. When using Mac Mail I'm prompted for password but none work
    Thanks - J

    Thanks Allan for your quick response to my amateur questions.
    Allan:     I'm running version Mac OS X Version 10.6.8     PS Processor is 2.4 GHz Intel core 15 
    Memory  4 gb  1067   MHz  DDr3  TN And @ 1983-2011 Apple Inc.
    I just "Updated Software" as prompted.
    Thanks for helping me!    - John Garrett
    PS.
    Hardware Overview:
      Model Name:          MacBook Pro
      Model Identifier:          MacBookPro6,2
      Processor Name:          Intel Core i5
      Processor Speed:          2.4 GHz
      Number Of Processors:          1
      Total Number Of Cores:          2
      L2 Cache (per core):          256 KB
      L3 Cache:          3 MB
      Memory:          4 GB
      Processor Interconnect Speed:          4.8 GT/s
      Boot ROM Version:          MBP61.0057.B0C
      SMC Version (system):          1.58f17
      Serial Number (system):          W8*****AGU
      Hardware UUID:          *****
      Sudden Motion Sensor:
      State:          Enabled
    <Edited By Host>

  • I cannot download an app from the app store, it keeps loading until it says "You have already purchased this app so it will be downloaded no at  no additional charge", and then it prompt for password and I input it after which nothing happens.

    I cannot download an app from the app store, it keeps loading until it says "You have already purchased this app so it will be downloaded no at  no additional charge", and then it prompt for password and I input it after which nothing happens.
    I know my icloud has record of my installing this app before, but that was the first install that was failed during that time some other apps also keeps loading without respond whey they updated itself, and this app didn't install before I restart the device. But I don't see this app on my device after I restarted the device so it should have been installed on my device. It seems icloud has created some kind of dead loop that makes it not able to get the correct status about this app on my device.
    I have no problem install this app on my other device (iPad) with the same account, but just fail on my iPhone. And it just fine installing other apps...... What happened !!?? @@
    Please help !!! 

    Someone help! I don't know how to do this and please put the words into an easy way to understand because I'm young...

  • XFA Pdf form call secure webservice without prompt for password

    Hi,
    We are using XFA forms within the company. We have created many (400+) interactive forms with fields to fill manually.
    Now the business would like to lookup account details. They want user to be able to enter account number and then lookup details through webservice.
    The webservice is created on HOST/CICS and in COBOL. We need security on HTTPS and we cannot accept that the user is prompted for password.
    Our security department state that normal practice is to use KERBEROS token that gets authenticated later - is that possible with Adobe Reader??
    Have anyone developed this functionality within XFA forms and Adobe Reader?
    Thanks in advance,
    Thomas Groenbaek

    Reader can make Web Service calls but the form must be Reader Extended by LiveCycle Server to allow this. It does support secure web service calls but it does uid/pwsd or certificate authentication. Note that the web service can only return simple types. Objects cannot be returned.
    Paul
