Domain Prefix before Email address when connecting Office 365 email to Outlook app

Question

question

OliverLennox-4187 asked · Feb 05 at 12:56 PM

Domain Prefix before Email address when connecting Office 365 email to Outlook app

Hi there,

We have a client who was using Azure AD sync to connect their O365 tenancy to a local domain controller. The DC has long since gone and they have been cloud only for several years now. The Set-MsolDirSyncEnabled flag has been disabled in O365 Azure to say it's no longer linked.

On the whole, everything is working fine except when users sign into Outlook for the first time where they are prompted to login with the username "OLDDOMAIN\email@company.com". This is confusing for the users and is breaking the policy which should be silently signing users into Outlook automatically.

Does anyone know how to fix this? I thought it would be something going on in Azure AD but now I'm wondering if it might be an Exchange Online issue?

office-exchange-server-administration mem-intune-general office-itpro office-deployment

· 5

10 |1000 characters needed characters left characters exceeded

Attachments: Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

KaelYao-MSFT · Feb 08 at 08:53 AM

Hi, @OliverLennox-4187
I would suggest first run a Test E-mail Autoconfiguration via Outlook client to check if there is anything wrong with autodiscover.
And have you removed the Outlook credentials in credential manager?

If the response is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

0 ·

OliverLennox-4187 KaelYao-MSFT · Feb 08 at 08:59 AM

Hi Kael,

This is affecting all users, not just one account?

0 ·

ERottier-7634 · Feb 10 at 10:04 AM

I have the same issue, but kind of different.

My login prompt is NETBIOSDOMAINNAME\UPN (or e-mail)
This only is an issue on my Intune Azure AD only-joined devices with Outlook 365. No local AD domain-join for those laptops.

So if my domain is tailspin.com, my domain netbios name could be TS.
In this case what I see is: TS\my.name@tailspin.com as the login name.

My environment is a hybrid one, because of Teams, but out (Exchange 2016) environment is purely on-premises. As far as it gets these days :)

Yes, I did clear cached credentials. Also autodiscover seems fine.
One of my colleagues said something about logging into Onedrive which would cause this issue, I cannot reproduce this yet.

I've only seen this issue, kind of, once on the interwebs:
https://answers.microsoft.com/en-us/windows/forum/windows_10-hello/o365-login-prompt-has-wrong-account-details-user/0299e29a-1745-4893-a8aa-ca31df0c40b2

No solution still.

0 ·

OliverLennox-4187 ERottier-7634 · Feb 10 at 10:44 AM

Hi There,

I read through your links and their solution seems to be clearing out cached credentials but this is happening for us (and probably yourself too) on brand new devices, freshly linked to Azure AD so nothing it cached.

I'm starting to get the feeling that this is a bug and there is no solution at present

0 ·

ERottier-7634 OliverLennox-4187 · Feb 10 at 01:22 PM

When opening a cmd and running the set command on my laptop, I noticed the netbios domain name as 'userdomain' and 'userdomain_roamingprofile' variables.
I'll try to influence these values (no luck so far)

i think these values are synced from the local AD to the online synced useraccounts and remembered there. Then when the user logs in, these values are copied to the local laptop (in my case via Intune). I don't know if you use Intune as well, but if so, worth a look. I did not look in the Azure user accounts.

Kinda of seems like a bug indeed... It seems Outlook somehow merges two things together that should not be.

0 ·

Answer 1 · 2021-02-08T09:15:16.423Z

AshokM-8240 answered · Feb 08 at 09:15 AM

Hi @OliverLennox-4187 ,

Usually for Office365, it will be with the email address to be entered at the credential prompt. If the prompt occurs with olddomain\email@company.com then can you check the below,
1.Is that device still joined to old domain
2.Any cached credentials in credential manager with olddomain reference
3.How the users are logging in to the device (domain\username or emailaddress)?

Does it happen only while creating a new outlook profile?
Also, any recent changes as you have mentioned that it was working fine for several years?

Ideally, if the AD is removed, device should have work or school Microsoft account in the local accounts and login will be with email@company.com.

If the above suggestion helps, please click on "Accept Answer" and upvote it

· Share

10 |1000 characters needed characters left characters exceeded

Attachments: Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Answer 2 · 2021-02-08T09:29:24.747Z

OliverLennox-4187 answered · Feb 08 at 09:29 AM

Hi Ashok,

No, this is happening on brand new devices that are Azure AD joined
No, this is happening when logging in for the first time on a new device.it is affecting multiple users though I'm not 100% if everyone
The users login with the email/O365 account e.g. olly@work.com
Yes it's what Outlook defaults to when you create a new email profile. The main issue is that Outlook is unable to auto-login with the linked Windows 10 work/school account and
silent login is failing. You have to manually delete the domain prefix and enter the password, at which point it logs in and sets up the Outlook account perfectly fine.
We've had this problem since the domain was unlinked from O365, for several years. It's always been a minor annoyance but we're now trying to do more with Intune and device
auto-provisioning and it's becoming a real pain. I believe all the steps were followed for unlinking the domain from O365 but maybe something was missed?

Thanks

· 14 · Share

10 |1000 characters needed characters left characters exceeded

Attachments: Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

AshokM-8240 · Feb 08 at 12:48 PM

You can verify the dirsycn status using the below command,

(Get-MSOLCompanyInformation).DirectorySynchronizationEnabled

What is the version of outlook?
Is it happening to the Click to Run outlook downloaded from O365?
Have you changed the Autodiscover record to point to O365? There should be one autodiscover CNAME record pointed to O365

0 ·

OliverLennox-4187 AshokM-8240 · Feb 09 at 09:20 AM

Hi Ashok,

I have checked the DNS records. There was an issue with the MX which I corrected but I've checked again this morning and it hasn't fixed it. The Autodiscover records are correct and reporting as healthing in O365.

(Get-MSOLCompanyInformation).DirectorySynchronizationEnabled is false (this was done years ago when we disabled AD Sync)

Any other ideas?

0 ·

AshokM-8240 OliverLennox-4187 · Feb 10 at 08:38 AM

Hi @OliverLennox-4187 ,

Can you check if this is happening for a new user as well?

0 ·

Show more comments

AndyDavid · Feb 08 at 02:05 PM

Sure there isnt some GPO forcing the Outlook profiles?

0 ·

OliverLennox-4187 AndyDavid · Feb 09 at 09:22 AM

Hi Andy,

The DC was decommissioned years ago, these are brand new laptops which we're not even building on site (we are an MSP) so unless O365 has somehow hoovered up some ancient policy and is spitting it back out, I don't see how any GPO could be present here. We are using Intune but the only setting which is relevant is to silently login Outlook (which is not working due to this issue)

Thanks

0 ·

AndyDavid OliverLennox-4187 · Feb 09 at 12:53 PM

Another dumb question :)
Does the UPN of the user match the Primary Email Address?

0 ·

Show more comments

question