We had an issue where a client's Outlook connectivity stopped working and they were continuously prompted for credentials. Mysteriously, OWA and ActiveSync were fine. In the Security logs on the Exchange server we saw a lot of the following:

Source: Microsoft Windows security auditing.
Event ID: 4625
Failure Information:
Failure Reason: An Error occured during Logon.
Status: 0x80090302
Sub Status: 0xC0000418

We discovered that NTLM had been disabled on the domain controller. To resolve, check the domain policy, domain controller policy or local policy on the DC: go to Computer Configuration -> Windows Settings -> Security Settings -> Local Policies -> Security Options and check the following two settings:

  • Network security: Restrict NTLM: Incoming NTLM traffic
  • Network security: Restrict NTLM: NTLM authentication in this domain

After a gpupdate on the DC, Outlook clients were then able to successfully connect to Exchange.
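
To confirm the same diagnosis from the command line, this added example (not part of the original post) lists recent 4625 events carrying the status pair shown above and reads the effective values of the two Restrict NTLM settings. The registry value names RestrictReceivingNTLMTraffic and RestrictNTLMInDomain are the ones these two policies write; they are not stated in the post.

```powershell
# Added example (not from the original post). Run in an elevated PowerShell session.

# Part 1 (Exchange server): recent 4625 events with the status pair shown in the post.
$status    = '0x80090302'
$subStatus = '0xC0000418'
$failures = Get-WinEvent -FilterHashtable @{ LogName = 'Security'; Id = 4625 } `
                         -MaxEvents 2000 -ErrorAction SilentlyContinue |
    ForEach-Object {
        # Flatten the named <Data> fields of the event into a hashtable.
        $fields = @{}
        foreach ($d in ([xml]$_.ToXml()).Event.EventData.Data) { $fields[$d.Name] = $d.'#text' }
        # -eq on strings is case-insensitive, so 0xc0000418 also matches.
        if ($fields['Status'] -eq $status -and $fields['SubStatus'] -eq $subStatus) {
            [pscustomobject]@{
                Time        = $_.TimeCreated
                Account     = '{0}\{1}' -f $fields['TargetDomainName'], $fields['TargetUserName']
                Workstation = $fields['WorkstationName']
                SourceIp    = $fields['IpAddress']
                Package     = $fields['AuthenticationPackageName']
            }
        }
    }
"{0} matching event(s) among the most recent 4625 entries" -f @($failures).Count
$failures | Group-Object Account, Package | Sort-Object Count -Descending |
    Select-Object Count, Name | Format-Table -AutoSize

# Part 2 (domain controller): effective values of the two Restrict NTLM settings.
$settings = @(
    @{ Policy = 'Network security: Restrict NTLM: Incoming NTLM traffic'
       Path   = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0'
       Name   = 'RestrictReceivingNTLMTraffic' },
    @{ Policy = 'Network security: Restrict NTLM: NTLM authentication in this domain'
       Path   = 'HKLM:\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters'
       Name   = 'RestrictNTLMInDomain' }
)
foreach ($s in $settings) {
    $item  = Get-ItemProperty -Path $s.Path -Name $s.Name -ErrorAction SilentlyContinue
    $value = if ($item) { $item.($s.Name) } else { $null }
    [pscustomobject]@{
        Policy    = $s.Policy
        Value     = if ($null -eq $value) { 'not set' } else { $value }
        Restricts = ($null -ne $value -and $value -ne 0)
    }
}
```

A value of 0 or "not set" means that setting is not blocking NTLM; any other value means a restriction is in effect on that machine.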