Has anyone else experienced excessive password prompts since applying update KB5078752 to their domain controllers? We implemented this update on Monday night, and starting Tuesday, numerous users began encountering prompts—mainly in Outlook—indicating locked accounts. However, none of the affected accounts are actually locked. It's interesting to note that it doesn't seem to impact every user, but a significant number are affected. We operate in a hybrid Exchange setup, and we've already checked for stale Kerberos tickets and cached bad credentials without finding anything useful. We're feeling stuck trying to figure this out.
5 Answers
What version of Windows Server are you running? Is it 2019?
This happened to us as well, but we managed to fix it by resetting the affected users' passwords. It only affected a few people, so it wasn’t a huge hassle for us.
We tried a couple of password resets, but it didn't fully solve the problem. There’s something else at play here.
We found a workaround! If you'd like, I can share the details here. Basically, we cleared specific folders that stored cached data before signing out and back in to Office apps. It took some tries, but it worked for us! Here are the folders:
- C:Users*username*AppDataLocalTemp
- C:Users*username*AppDataLocalMicrosoftIdentityCache
- C:Users*username*AppDataLocalMicrosoftOneAuth
- C:Users*username*AppDataLocalPackagesMicrosoft.AAD.BrokerPlugin_cw5n1h2txyewy
After clearing the contents, go to Word or Excel, sign out, and then back in. You might need to try a couple of times, but we’ve had success with this approach.
I wonder if this problem is related to recent updates. There was a report about March updates causing issues with Teams and OneDrive sign-ins. Might be worth checking out!
We've got devices that haven’t had those March updates installed yet, and the issues are still occurring. So I don't think it's connected.
Yes, we are using Server 2019.