Forum Discussion
Outlook is attempting to authenticate to the Exchange server using local username and password
Hi!
We are using Exchange Server 2016 with the latest updates and primarily using Outlook 2019 or 2021 clients. We have bound an internal Exchange mailbox account, and every time Outlook is launched on a non-domain computer, it attempts multiple authentications on the Exchange server using the local user account (some of my users are working on non-domain computers). However, Outlook actually functions properly. I'm not sure why it is attempting to authenticate using the local username. I have checked if the incorrect username and password are saved in the Credential Manager for the user. I can see a large number of Event 4625 audit failures in the failed logs on the Exchange server,
corresponding to my non-domain computer account "ZYY" in this case.
账户登录失败。
用户:
安全 ID:S-1-0-0
账户名称: -
账户范围: -
登录ID: 0x0
登录类型: 3
登录失败的账户:
安全 ID:S-1-0-0
账户名称:ZYY
账户范围: LAPTOP-P0SO72JO
失败信息:
失败原因:未知用户名或密码错误。
状态: 0xC000006D
子状态: 0xC0000064
进程信息:
调用方进程ID: 0x0
调用方进程名: -
网络信息:
工作站名称: LAPTOP-P0SO72JO
来源网络地址: 123.52.19.87
源端口: 14118
详细身份验证信息:
登录进程: NtLmSsp
身份验证数据包:NTLM
配送服务:-
数据包名(仅限 NTLM): -
长度: 0
登录请求失败时在尝试访问的计算机上生成此事件。
"用户"字段指示本地系统上请求登录的帐户。这通常是一个服务(例如 Server 服务)或本地进程(例如 Winlogon.exe 或 Services.exe)。
"登录类型"字段指明了发生的登录类型。最常见的类型是 2 (饮料)和 3 (网络)。
"进程信息"字段表明系统上的哪个账户和进程请求了登录。
"网络信息"字段指示远程登录请求来自哪里。"工作站名"并不总是可用,而且在某些情况下可能会留为空白。
"身份验证信息"字段提供有关此特定登录请求的详细信息。
-"传递服务"指明了哪些直接服务参与了此登录请求。
-“数据包名”指明在 NTLM 协议之间使用了哪些子协议。
-"密钥长度"指示生成的会话密钥的长度。如果没有请求会话密钥,则该字段为0。
I came across a similar issue while browsing for solutions, and I suspect that this might be a long-standing problem. Here are some relevant links:
- Try deleting unnecessary items in Control Panel -> Credential Manager!
- HI YOUN ANN
Thank you very much for your reply. I tried to look for the credentials in the credential manager, but I couldn't find any relevant credentials. It's possible that these credentials are not visible in the control panel.
I found that Outlook automatically uses the current Windows system login user credentials to authenticate with the Exchange server. For example, on my computer without a domain, the local user is Administrator. This results in corresponding authentication records for Administrator on the Exchange server, and multiple failed attempts can lead to the Administrator user account on the domain server being locked.
This method of using the Windows system user credentials for authentication is more suitable for domain-joined computers, but it can be problematic for non-domain computers when it comes to the Exchange system.
I'm wondering if there is a way to make Outlook only use its own email account credentials for authentication, instead of using the Windows system user credentials.
These are just my guesses and thoughts, and they may not be correct. I would like to understand the specific reasons and solutions. I welcome further discussion. Thank you.- Is same domain account and non-domain computer account?
