Credential Manager broken in a handful of computers in recent W10 updates, 365 users frustrated

YeOldeStonecat

YeOldeStonecat

Well-Known Member
Reaction score
6,689
Location
Englewood Florida
Anyone dealt with some computers failing to keep 365 credentials...thus nearly every time the computer "wakes up"..users have to log back into Outlook, OneDrive, etc. And local "hello" logins (PIN and/or fingerprint)...also gone.

I've seen this on just a couple of Win10 computers set to local login accounts.....not domain joined.

www.zdnet.com

Windows 10 password problems: Microsoft says it's fixing bad 'password amnesia' bug

Microsoft finally promises to fix the forgotten-password problems plaguing Windows 10 2004 users since April.
www.zdnet.com www.zdnet.com

www.forbes.com

Microsoft Confirms Serious Windows 10 Password Problem—Here’s The 5 Step Fix

Windows 10 can't remember passwords for some users, Microsoft has confirmed. Here's the 5 step workaround.
www.forbes.com www.forbes.com

I've only seen it since the 20H2 update, even though some articles above note can also be from the 2004 update...or some mention a certain smaller update in mid November area.

So....when you go to Credential Manager...there is NOTHING there related to 365. You should see saved creds for a few 365 services.
I did the registry edit mentioned in one of them, and after a few reboots I managed to get the OneDrive login to stick in Cred Manager...but Outlook isn't yet.

Frustrating me because...whelp..my wifes computers is one of the ones with this issue, so I hear about it several times a day!

Have not tried the recommended powershell script yet to reveal scheduled tasks...as I'd rather see a few more recommended fixes from trusted sources before trying too many things.
 
I dealt with this on close to a dozen machines. All were non-domain and all had version 2004 update. The powershell command fixed every one of them.
 
The powershell:

Code: 
Get-ScheduledTask | foreach { If (([xml](Export-ScheduledTask -TaskName $_.TaskName -TaskPath $_.TaskPath)).GetElementsByTagName("LogonType").'#text' -eq "S4U") { $_.TaskName } }

Reveals scheduled tasks that should have been removed via a feature update but weren't. You're going to need to run that line, so you can find the tasks in question and zap them. I've only seen this a couple times, but the powershell sorted them out too.

I don't know what old version of Win10 came with those lines... but it's just upgrade cruft that only impacted older installations. Fresh 2004s won't do it, nor will 20H1s, but I haven't seen any fresh 1903s or 1909s do it either. The two boxes that did it to me were upgraded from Win10 release... so I assumed somewhere along the way this creeped in.
 
YeOldeStonecat said:
Curious what scheduled tasks were botched up....that you have to go delete.
Click to expand...
In my case each machine had a single task, and it was actually something that was supposed to help the credential manager keep the M365 credentials cleaned up.

Which is handled far better now with the new ADAL stuff MS pushed with Office 2016. So those old tasks were interfering with the existing cleanup the modern auth system does on its own. In effect, the scheduled task was deleting the credentials every 15min.

So yeah, you have to stop it from doing that if you want to keep your hair.
 
So running it on my laptop, just barfs out an error that it cannot find a particular scheduled task, all I get for results is...

*********************************************************************
Get-ScheduledTask : The system cannot find the file specified.
At line:1 char:1
+ Get-ScheduledTask | foreach { If (([xml](Export-ScheduledTask -TaskNa ...
+ ~~~~~~~~~~~~~~~~~
+ CategoryInfo : ObjectNotFound: (MSFT_ScheduledTask:Root/Microsoft/...T_ScheduledTask) [Get-ScheduledTas
k], CimException
+ FullyQualifiedErrorId : HRESULT 0x80070002,Get-ScheduledTask

*****************************
So I'm assuming it's looking for a particular task ..and cannot find it.
 
It looks for a task with S4U in the name, and the command shouldn't barf, it completes with nothing returned if it doesn't find anything.

That barf'ing indicates either a typo, copy / paste error, or a fundamental issue on the machine in question.

This is what it looks like on a machine that's not impacted. Namely... my desktop.

1611093572415.png
 
Don't forget to run it in an "elevated" powershell prompt.

  • Get-ScheduledTask | foreach { If (([xml](Export-ScheduledTask -TaskName $_.TaskName -TaskPath $_.TaskPath)).GetElementsByTagName("LogonType").'#text' -eq "S4U") { $_.TaskName } }
 
I had a few machines on 2004 with this problem. Posted on here about it awhile back. For me it was an HP printer related scheduled task, and something from Carbonite as well. Disabling those fixed the problem for all affected machines.
 
JoelM said:
Don't forget to run it in an "elevated" powershell prompt.

  • Get-ScheduledTask | foreach { If (([xml](Export-ScheduledTask -TaskName $_.TaskName -TaskPath $_.TaskPath)).GetElementsByTagName("LogonType").'#text' -eq "S4U") { $_.TaskName } }
Click to expand...

Definitely was running "right click...run as..."

Ran it on my office workstation, came up empty much like Robs screenie.

Rebooted my laptop and ran again...barfed same error.
If I manually bring up "task scheduler" on my laptop, the window launches but I get an error about "LaunchFR" no longer exists...so my laptop's scheduler is probably borked a bit. And hopefully it'll run fine on wifeys laptop tonight.
 
OK I ran it on wifeys laptop this morning....
The only task the script revealed.....copy/pasted below...

********************************************************
PS C:\WINDOWS\system32> Get-ScheduledTask | foreach { If (([xml](Export-ScheduledTask -TaskName $_.TaskName -TaskPath $_.TaskPath)).GetElementsByTagName("LogonType").'#text' -eq "S4U") { $_.TaskName } }
HPCustParticipation HP OfficeJet Pro 8720
PS C:\WINDOWS\system32>
********************************************************

It's just some HP program for customer participation. Yes she has an Officejet Pro in her office, so it's valid, just one of the bundled junk in the HP software, so I deleted the task.
Rebooted.....ran the script again, and it came up <empty>.

Also compared her Task Scheduler to mine on my laptop...didn't see anything in hers that I didn't have. So we setup her Fingerprint login and her PIN login again. Rebooted..and it worked. But we've been here before....so, it typically will begin the symptoms again by the following day. We shall see by tomorrow. Sadly I'm not hopeful, as...I don't see how this HP Cust task caused the problem.
 
@YeOldeStonecat
I understand that you don't see how HP Cust task caused the problem. However on most of the computers I fixed it was exactly that task I had to delete.
There were only a couple that it was a different task. Once deleted, then reboot, then enter all passwords again & never another issue.
 
JoelM said:
HP Cust task ... However on most of the computers I fixed it was exactly that task I had to delete.
There were only a couple that it was a different task.
Click to expand...

OK cool....thanks for stating that. Did a reboot and didn't have to enter creds again...but maybe I'll have her give it yet one more and we'll see. And then give it a chance to go 24 hours...if I recall that task was set to run at 720something PM. She's busy on the laptop for most of the day with work stuff, and more property searching in Florida....getting closer to our relocation time.
 
Spent MANY hours troubleshooting this I'll spare you the details but you can read them here if you want, ultimately it was the HP Cust Survey (Or something like that in the scheduled tasks)

And it only affects 2004, 1909 was fine.

Two different clients, neither storing credentials in credential manager. Login required everytime.

Two completely different clients call complaining that they are having to sign into Office, OneDrive, Adobe etc. Every time the computer is rebooted, or even after an extended period of time. I log in to their systems and for one client I check the credential manager and there isn't anything...
www.technibble.com www.technibble.com
 
Sorry I forgot it was an HP specific thing, but it was so in my case too. Everyone that had issues had Officejets.

HP has since fixed their stuff, so while you're at it just make sure the unit has the latest driver.
 
...and uninstall that customer participation nonsense. It's not our job to make HP's drivers better. I always deselect that option during installation, and try to delete it on sight for client machines as well. It figures such an intractable problem would be caused by something so useless.
 
Last edited:
Telemetry isn't exactly useless... but in this case HP has certainly burned a fair amount of trust in that department.
 
Thanks all....since removing that scheduled task revealed by the script, she hasn't had to go back to the old fashioned password login to Windows...and her 365 related stuff hasn't been nagging to log in again. Fingerprint login for Windows remains intact, 365 happily logged in each day.

Happy Wife, Happy Life!

I'm surprised I haven't seen this more often....but supposed we have so many clients still setup on local domains, not a high percentage of clients on workgroup setups...and most of those would still be on W10 2004
 
I just ran into this with a client today. I couldn't find a scheduled task with the Powershell command or by browsing in Task Scheduler. Uninstalling the HP Customer Participation program made the credentials start working again, though. He was on 20H2.
 
You must log in or register to reply here.

Similar threads

thecomputerguy
Two different clients, neither storing credentials in credential manager. Login required everytime.
2 3 4
Replies
67
Views
9K
thecomputerguy
thecomputerguy
C
Taskbar icons and start menu icons disappear on domain users.
Replies
5
Views
2K
Chrisb41
C
HCHTech
OneDrive for business sync issues
Replies
5
Views
4K
frostbyte5014
frostbyte5014
T
A good Software List..must see!!
Replies
11
Views
7K
nesrinamb
N
Back
Top