Two different clients, neither storing credentials in credential manager. Login required every time.

thecomputerguy

Two completely different clients call complaining that they are having to sign into Office, OneDrive, Adobe, etc. every time the computer is rebooted, or even after an extended period of time.

I log in to their systems and for one client I check the credential manager and there isn't anything there under Windows Credentials. I log in to her MS account, OneDrive and Adobe and it's filled with credentials for Adobe and Credentials fill in for outlook.office365.com, MicrosoftOffice16_Data:SSPI:user@domain.com

Everything functions normally, reboot the computer, credentials are gone, everything requires re-login, then credentials are stored again under generic credentials.

OVER and OVER.

Both computers are running 2004

One is
Dell (Roughly 8 Months old)
i5
16GB
500GB NVMe

Other one is similar specs

Both in Workgroup

Any ideas?
 
Never mind ... issue still persists ... logged back into both computers this morning, both computers asked for credentials again for Office, Outlook, OneDrive & Adobe ... and all credentials were again missing from the credential manager ...

Any ideas?
 
They use M365 right? Are the platforms appropriately standardized? Because if it were my systems, after going through all this I'd simply not trust the installation and nuke them. Saves time too.
 
One client actually uses POP the other one is O365 but it seems to be a systemwide credential issue since it also affects Adobe.
 
I've only seen behavior like this once, and it wasn't on Windows 10, it was on Windows 7. I was never able to fix it, I wound up nuking the unit and setting it up from scratch. If only I had FABs back then...
 
Went onsite and did an onsite nuke and pave after imaging the SSD.

Reinstalled Windows, Office, Adobe, everything from scratch ... didn't even want to use FABs because I wanted it to be as clean as possible.

After spending two hours on this, right before I walked out the door ... password prompts. The issue still persists after a nuke and pave on a relatively brand new computer.
 
I'm afraid were I in your shoes I'd open a ticket with M365 support on this.

I've seen MFA jump off the rails and cause something similar to this... once. The fix was to disable MFA, reenable MFA and reenroll the phone.

This issue cannot be with the credential manager, unless the reload process involves software that mucks with credentials.

Do the endpoints in question have any sort of alternative authentication mechanisms? Facial recognition? Fingerprint readers? 3rd party AV software with password management?
 
It's not just O365 though ... and they don't have MFA. This is also happening with Adobe (Acrobat Pro), it is also requiring relogin after reboot and/or after a random amount of time, sometimes 15 minutes, sometimes a couple hours.

I left AV off this computer for the time being to keep it as clean as absolutely possible.

There is no additional authentication aside from a password.
 
WAIT A MINUTE ... She is getting this error, this error also occurred before the nuke and pave ... can this have something to do with it?!

Is the TPM a software thing, or BIOS thing or what?

@Sky-Knight
 

[Attachment: IMG_20201012_114639.jpg]
That's the issue. The type of TPM could be coprocessor, on the processor or in software. Depends on your exact model.
 
Makes me wonder if there's a physical flaw with the TPM chip itself or some kind of driver bug. Have you run the onboard diagnostics on the machine?
 
I don't see anything in the BIOS relating to TPM, there is PTT, which might be similar but I had the user disable PTT and reboot and then BitLocker prompted after POST asking for a recovery key, but BitLocker was never enabled on this system so I don't know ... maybe this system is just wack.
 
@phaZed @timeshifter @Sky-Knight

Went back out there today ... tried to disable PTT, after which I got a BitLocker encryption recovery. Re-enabled PTT. Tried to transfer her SSD to an exact spare computer they had on hand and got a BitLocker recovery. I swapped the drive back to the original computer and logged in to find out that the workstation had been automatically encrypted via BitLocker, which per Microsoft:

You may be running in to the default Device Encryption that Windows 10 does automatically. I'm going from memory here, but I believe the following conditions have to be met for Windows to automatically enable this:

  • TPM 2.0
  • InstantOn (Modern Standby)
  • Logged in with Microsoft or Azure AD account (not a local account)
Strangely I don't know if InstantOn is enabled, and also her account is Local.

I logged in and disabled BitLocker and unencrypted the drive on the original computer. Rebooted then rebooted again and went into the BIOS and disabled PTT. Upon logging in I verified TPM was disabled via PTT by going into tpm.msc which is where I saw that TPM was indeed no longer functioning.

I swapped her hard drive which was freshly nuke and paved last week into the new spare system again and I was able to boot it up properly. I verified the BitLocker and TPM were both off and logged back into OneDrive, Office, Outlook and Adobe.

Rebooted the computer several times and the credentials stuck. I had her poke around for a few minutes and just when I was about ready to walk out the door I asked her to reboot again. Upon reboot we had to log back into EVERYTHING all over again.

Keep in mind this is a totally different system now. I did transfer her new SSD that was N&P'd last week over to this system so I guess it might not be as clean as it could be.

I went ahead and updated the BIOS to the most recent version, updated all drivers, and set the credential manager to start automatically on bootup.

I had to leave after that because I was about to lose my effing mind.
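
The state checked by hand in the post above (TPM/PTT, BitLocker, Modern Standby, account type, Credential Manager service, stored credential targets) can be captured in one pass. This is an added example, not code from any poster in the thread; it assumes an elevated PowerShell session on Windows 10 and English `powercfg` output.

```powershell
# Added example, not from the thread. Run from an elevated PowerShell prompt.
$report = [ordered]@{}

# TPM state; Intel PTT is a firmware TPM and is reported here like a discrete chip.
try {
    $tpm = Get-Tpm -ErrorAction Stop
    $report.TpmPresent = $tpm.TpmPresent
    $report.TpmReady   = $tpm.TpmReady
    $report.TpmSpecVersion = (Get-CimInstance -Namespace 'root\cimv2\Security\MicrosoftTpm' `
        -ClassName Win32_Tpm -ErrorAction Stop).SpecVersion
} catch { $report.Tpm = "query failed: $($_.Exception.Message)" }

# Encryption state of the system drive, including which key protectors exist.
try {
    $vol = Get-BitLockerVolume -MountPoint $env:SystemDrive -ErrorAction Stop
    $report.VolumeStatus     = $vol.VolumeStatus
    $report.ProtectionStatus = $vol.ProtectionStatus
    $report.KeyProtectors    = $vol.KeyProtector.KeyProtectorType -join ', '
} catch { $report.BitLocker = "query failed: $($_.Exception.Message)" }

# Modern Standby: "S0 Low Power Idle" must be in the *available* part of powercfg /a,
# not in the "not available" list that follows it. Assumes English output.
$pc  = @(powercfg /a)
$cut = ($pc | Select-String 'not available' | Select-Object -First 1).LineNumber
$available = if ($cut -gt 1) { $pc[0..($cut - 2)] } else { $pc }
$report.ModernStandby = [bool]($available -match 'S0 Low Power Idle')

# Account type of the logged-on user: Local, MicrosoftAccount or AzureAD.
$u = Get-LocalUser -Name $env:USERNAME -ErrorAction SilentlyContinue
$report.AccountSource = if ($u) { $u.PrincipalSource } else { 'not a local SAM account' }

# Credential Manager service (VaultSvc) status and start type.
$svc = Get-Service -Name VaultSvc
$report.VaultSvc = "$($svc.Status) / $($svc.StartType)"

# Targets currently stored in the vault of the account running this script.
$targets = @(cmdkey /list | Select-String 'Target:' | ForEach-Object { $_.Line.Trim() })
$report.StoredCredentialCount = $targets.Count

[pscustomobject]$report | Format-List
$targets
```

Saving the output right after signing in to the apps and again after the next reboot shows which targets disappeared and whether the TPM or encryption state changed in between. `cmdkey` reads the vault of the account that runs it, so run it as the affected user.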
 
Only thing I can think of at this point is that whatever issues were occurring on the system transferred over when I swapped the SSD to a new system and it needs to be N&P'd again.

This is such a PITA.
 
Leaving TPM enabled and getting an auto encrypted installation is already a problem. Yes, that borks up credential manager pretty hard. If you don't have Intune to control it, it's a source of endless pain.

All that said, this feels off target. For some reason I don't think TPM is the problem here. You should have just eliminated it.
 