Home

Credential prompt when adding additional mailbox in Outlook

%3CLINGO-SUB%20id%3D%22lingo-sub-457366%22%20slang%3D%22en-US%22%3ECredential%20prompt%20when%20adding%20additional%20mailbox%20in%20Outlook%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-457366%22%20slang%3D%22en-US%22%3E%3CP%3EHi%2C%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EWe%20have%26nbsp%3BAzure%20AD%20Connect%20configured%20to%20sync%20user%20from%20AD%20to%20AAD.%20AD%20FS%20is%20in%20place%20to%20handle%20SSO%20for%20the%20managed%20domains%20in%20Office%20365.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EUsers%20run%20Windows%2010%201809%20and%20Outlook%20365%201902.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EWhen%20a%20user%20logon%20to%20his%2Fher%20computer%20and%20start%20Outlook%20for%20the%20first%20time%20Outlook%20detects%20the%20users%20email%20and%20the%20user%20can%20just%20click%20Connect%20and%20continue%20trough%20the%20wizard%20in%20Outlook%20to%20add%20his%2Fher%20mailbox.%20During%20this%20process%20the%20user%20is%20never%20prompted%20to%20enter%20their%20password.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EIf%20the%20user%20decide%20to%20add%20a%20second%20mailbox%20(File%20-%26gt%3B%20Add%20Account)%20in%20Outlook%20they%20enter%20the%20email%20address%20of%20the%26nbsp%3Badditional%20mailbox%20and%20click%20Connect.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EWhat%20happens%20then%20is%20they%20are%20presented%20with%20window%20where%20our%20AD%20FS%20server%20is%20prompting%20for%20a%20username%20and%20password.%20The%20username%20is%20pre-populated%20with%20the%20the%20email%20address%20of%20the%20mailbox%20they%20try%20to%20add.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThe%20user%20have%20propper%20permissions%20to%20access%20the%20mailbox.%20If%20they%20change%20the%20username%20to%20their%20own%20email%20address%20and%20enter%20their%20own%20password%20they%20mailbox%20is%20successfully%20added%20to%20Outlook.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EMy%20question%20is%2C%20is%20it%20possible%20to%20have%20Outlook%20authenticate%20using%20the%20logged%20on%20user%20account%20credentials%20so%20we%20get%20an%20SSO%20experience%20when%20adding%26nbsp%3Badditional%20mailboxes%20in%20Outlook%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ERegards%20Erik%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-457366%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EOutlook%20365%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3ESSO%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-462127%22%20slang%3D%22en-US%22%3ERe%3A%20Credential%20prompt%20when%20adding%20additional%20mailbox%20in%20Outlook%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-462127%22%20slang%3D%22en-US%22%3E%3CP%3ENo%2C%20as%20Outlook%20actually%20uses%20the%20smtp%20address%20of%20the%20mailbox%20you%20are%20trying%20to%20add%20for%20the%20autodiscover%20process%2C%20which%20then%20redirects%20to%20your%20AD%20FS%20with%20the%20exact%20same%20address.%3C%2FP%3E%3C%2FLINGO-BODY%3E
Erik Droszcz
Occasional Contributor

Hi,

 

We have Azure AD Connect configured to sync user from AD to AAD. AD FS is in place to handle SSO for the managed domains in Office 365.

 

Users run Windows 10 1809 and Outlook 365 1902.

 

When a user logon to his/her computer and start Outlook for the first time Outlook detects the users email and the user can just click Connect and continue trough the wizard in Outlook to add his/her mailbox. During this process the user is never prompted to enter their password.

 

If the user decide to add a second mailbox (File -> Add Account) in Outlook they enter the email address of the additional mailbox and click Connect.

 

What happens then is they are presented with window where our AD FS server is prompting for a username and password. The username is pre-populated with the the email address of the mailbox they try to add.

 

The user have propper permissions to access the mailbox. If they change the username to their own email address and enter their own password they mailbox is successfully added to Outlook.

 

My question is, is it possible to have Outlook authenticate using the logged on user account credentials so we get an SSO experience when adding additional mailboxes in Outlook?

 

Regards Erik

1 Reply

No, as Outlook actually uses the smtp address of the mailbox you are trying to add for the autodiscover process, which then redirects to your AD FS with the exact same address.