Outlook Disconnected MFA causing issue

Copper Contributor

Hello, have researched all over for this specific issue and have came up with a lot of information, however, no permanent fixes.  Have some mailboxes that seem to keep going into disconnected checking the status shows Authn Error.  The issue seems to be with MFA and Outlook somehow going into basic auth(My best guess) because whenever MFA is disabled one the account it works properly connects, etc..  This is happening with the Office 365 on the newest update.  Also hybrid setup with local AD and 365 sync.  Things that have been tried:

Microsoft's regedit to force modern authentication

Recreating the windows profile (Did this and a user called back the next day with Outlook disconnected)

Running Microsoft Sara

Reboot (will fix temporarily then break)

Clearing all creds in credential manager

Clearing out the identity key in registry under Office\16\common

I haven't tried reaching out to MS and see if there's something they can do, I'm out of ideas and all the fixes that worked for others definitely haven't worked for me.

22 Replies

@CptnGridIron 

Yup - identical experience.  Multiple disconnects per day - particular after coming back from hibernation. Connection status showing error in authn column.  Other Office apps impacted too as they will hang when trying to access SP/OneDrive.  Only option is to reboot.  Went even further than you - completely wiped machine and rebuilt but issue came back.  Deleted OL profile multiple times. Searched high & low for answers but no joy.

Also believe that this is related to MFA as I only ever experience this when out of the office.  The office egress IP is defined as a trusted location so users never get prompted for MFA when here.  My machine works flawlessly all day when here.  Deeply frustrating...

@NickWhittome1620 

 

I’ve mostly given up and pushed the people having issues to the PWA, seems to slowly be a cascading nightmare every couple of weeks a new person same issue.  Not even sure where to go with it.

Are your devices enrolled in Endpoint Manager? We have had this issue when staff change their password and ignore the Fix your account notification that pops up. I have had to go into their Account settings and click on the Email settings to fix and/or update.

@CptnGridIron 

 

Quick follow-up on this one.  This is not definitive and I'm still testing...but results so far are interesting.

 

I was noticing that when the issue happens, it's not just Outlook.  Issues with SharePoint files not saving/syncing and very odd issues with our corporate VPN where I could connect and ping internal resources but not access any web interfaces.

 

I also noticed that when I recently spent several days in another location and exclusively on wi-fi, the issue did not happen once.

 

Long story short, I found that the issue happens when at home or in the office (forget the previous comment about the issue not happening in the office - it did happen!) and when connected via ethernet (using a dock) and connected to wifi at the same time.

 

Still testing...but at this point, if I disable wifi when docked, the issue does not happen. 

 

My device is a Dell Latitude 5420.  Would be curious if anyone else can confirm this behaviour.  Will revert back after a few more days of testing.

 

We have the same Problem.

@Carol DeMuth 

 

Good morning,

 

I will check this out and see if this may be part of it.

Still happening here as well. Haven’t had anyone check outside of the office yet, but I do know our issues are all internal. I’ve messed with conditional access and pretty much made it so MFA wouldn’t be a problem and still happens. After a restart connects for about 2 days and then nadda. We’re a Dell shop too. I hate handing out the PWA still even as a temp solution it’s not bad, but would like to know where the issue is and why.

@CptnGridIron 

 

FWIW...the issue for me has been completely resolved by making sure that WiFi is turned off when the devices are docked and connected via Ethernet

@NickWhittome1620 

 

awesome I’ll test that as well.

I’m hoping this is the final note on this chapter for me as well.  Ran through all the suggestions and, unfortunately, no go for me.  However, instead of the “Fix accounts” I removed/disconnected the users “Work or school account” and this is where it became an issue.  So far the 2 that I’ve tested have not removed one took a log off/on and the other needed rebooted entirely.  After the account is removed I restarted and then when everything came up asking to sign in i close them all out and opened outlook first.  When asked to allow this app to sign me into other apps I selected “No, sign into this app only” after I did that outlook attempted to connect and was presented with a certificate error for outlook.office365.com it said the certificate was revoked but saying no to it outlook wouldn’t allow outlook to connect, but saying yes to it allowed outlook to connect I looked at the certificate and it all looks legit so I’m wondering if something that someone setup before I started here is doing something to the connection.  So far have tested on 2 users and one has ran more than 2 days without issue and other has as well, but they’re not saying it’s fixed until Wednesday.  So far that’s the news!  Hopefully this thread helps someone if they run into this disaster.

Hi!

I have the same problem, do you CptnGridIron have any more info on this?
I have users getting these problems after hibernation, Excel, Outlook are the Office apps that is affected.

@Micke640 

So having resolved my issue last year, I got a new laptop and about 3 weeks ago, the exact same thing happened.  This time, the wifi/ethernet thing was not the solution.

 

There's a separate thread about it here
https://answers.microsoft.com/en-us/windows/forum/windows_11-performance/windows-services-onedrive-a...

 

Situation is cropping up for our users more often than I would like....and same for others too.  No solutions apparent to me at this point.  I just re-imaged the laptop and it's back to normal

@Micke640 

 

So far when we run into this issue we remove their 365 accounts from email & accounts restart. Sign back into outlook and select “no sign into this app only” and we do the same for teams, one drive, etc. is it efficient? No, but so far it’s the only thing I’ve found so far that makes it so we don’t have to reboot nonstop and imaging or rebuilding a computer each time isn’t a solution for us as well. Maybe it has to do with signing into teams before outlook, but not sure now I just select “sign into this app only” and so far no issues.

Hi @CptnGridIron I have run this ps script on users that have this problem. It works 90% of all times.
We have one user that getting the problem after hibernation. The script did not help him
if (-not (Get-AppxPackage Microsoft.AAD.BrokerPlugin)) { Add-AppxPackage -Register "$env:windir\SystemApps\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy\Appxmanifest.xml" -DisableDevelopmentMode -ForceApplicationShutdown } Get-AppxPackage Microsoft.AAD.BrokerPlugin

@CptnGridIron 

Did you change the order to MFA first before User ID / Password?

HI!

I have now two scenarios' when one user get disconnected from Outlook, Onedrive, SP
1 User computer (dell Latitude ) gets into hibernation, users start working and after some time he ses that he hasn't go any email. Restart is the only thing that works
2 MFA, we activated the MFA on the same user, same thing happens as above.

@Kidd_Ip where do i change oder for MFA before User ID and Password
CptnGridIron do you have any news on this

@Micke640 

 

Hello,

 

Unfortunately, as previously mentioned the only thing that consistently works for us is disconnecting users account in settings, rebooting and then signing in one at a time saying “No, sign into this app only” nothing else has personally worked for us.

Hi!
@CptnGridIron

Yesterday I did som testing on one computer that has this problem. What I found out that after removing all files in: %localappdata%\Packages\Microsoft.AAD.BrokerPlugin_cw5n1h2txyewy\AC\TokenBroker\Accounts
Outlook starts without any problem, and I could not force the error with hibernation. Please try this and get back to me
Sorry to say that the problem was back today :(

are anyone here using dockingstation? My theory now is that the problem is on computers that uses dockingstation, in my case Dell D6000 and D3100