Overview
In Kerio Control, users are prompted for credentials while using NTLM. They enter the details, however, after a few seconds, the pop-up re-appears. Note that the authentication is already set to use NTLM.
This article diagnoses the root cause for this issue and provides the available solutions to fix the credential prompts.
Root Cause
There could be different causes for this issue:
- Time settings are out of sync.
- Kerio Control server name does not have a valid DNS name.
- Old credentials are stored in the Windows Password Manager.
Solution
Method 1: Synchronize Time Settings
- Verify that the time on Domain Controller, Kerio Control, and the client hosts are the same. To have the same time on all computers in your network, use an NTP server.
- To configure Date and time settings in Kerio Control:
- In the administration interface, go to Advanced Options.
- Under the System Configuration, find Current date and time and click Change... (do adjust the settings.)
- If you are using an NTP Server, checkmark Keep synchronized with NTP Server and enter the hostname of the servers under NTP server name:
- In the administration interface, go to Advanced Options.
Method 2: Validate DNS name
Verify that the Kerio Control server name is correct:
- Go to Advanced Options > Web Interface.
- Select Use specified hostname.
- Type a valid DNS name of the Kerio Control server.
- Remove locally stored passwords in Windows Password Manager.
- The Kerio Control login dialog box is displayed only if NTLM authentication fails.
- NTLM authentication may fail if invalid credentials are saved in Windows Password Manager.
- The Kerio Control login dialog box is displayed only if NTLM authentication fails.
Method 3: Remove All Kerio Control Usernames and Passwords
To remove all Kerio Control usernames and passwords from Windows Password Manager:
- Click Start > Control Panel > User Accounts > Credential Manager.
- Select Manage Windows Credentials.
- Locate the set of credentials that has Kerio in the name.
- Click Remove from Vault or Remove.
Additional Troubleshooting Steps
- If all the steps mentioned above were carried out and the issue is still not resolved, then make sure if Active Directory is joined correctly. Try un-joining and rejoining to the domain and reboot Kerio Control.
- Kerio Control records information about failed authentication in the Error log.