Group Writeback enables the synchronization of Microsoft 365 groups with your on-premises AD through Microsoft…
Prevent Outlook from connecting to Office 365
Users get a Microsoft credential prompt in the Outlook client. This does not matter when you restart Outlook or create a new Outlook profile. It keeps prompting for the Office 365/Microsoft 365 credentials. But, the mailboxes are not in the cloud and are in Exchange on-premises. Why do you get a Microsoft cloud credential prompt in Outlook? In this article, you will learn how to prevent Outlook from connecting to Office 365.
Table of contents
Microsoft sign in prompt in Outlook
The Microsoft sign in window will never end and keep prompting for the Microsoft credentials. In addition, the mailbox will not connect to Exchange on-premises.
Let’s look at what’s happening and when the Microsoft sign in prompt shows up.
Start Outlook
You already have an Outlook profile in Outlook, and start Outlook. A Microsoft sign in prompt shows up. Down below in the status bar, it shows Trying to connect.
Let’s fill in the email address and click Next.
The Microsoft sign in window shows:
This username may be incorrect. Make sure you typed it correctly. Otherwise, contact your admin.
Let’s try to create a new Outlook profile.
Create new Outlook profile
Create a new Outlook profile on the client. Fill in the credentials and click Next to start configuring the Outlook profile.
It will search for the user settings.
The Microsoft sign in window shows up. The Microsoft sign in is a bit different than the previous one. It shows a message: Tell us the account you want to use to open autodiscover.xml.
Let’s fill in the email address and click Next.
The Microsoft sign in window shows the same error as the previous:
This username may be incorrect. Make sure you typed it correctly. Otherwise, contact your admin.
Why do we get this error, and what is the solution to prevent Outlook from showing the Microsoft sign in prompt.
Direct connect to Office 365
Microsoft added a new feature in Outlook that will force Outlook clients to connect to Office 365/Microsoft 365:
- Outlook 2016
- Outlook 2019
- Outlook Microsoft 365
Outlook connects to Office 365 and bypasses the Exchange Server autodiscover URL. This can be your Exchange Server on-premises or Hosted Exchange. Hosted Exchange is not Office 365/Microsoft 365, and it’s Exchange on-premises in the cloud.
When Microsoft sign in prompt start to show up
The Microsoft credential prompts start to happen when you add a new domain to Microsoft 365 tenant. Microsoft thinks the mailbox is in the cloud and will connect to the Microsoft 365 autodiscover URL. Instead, it should check the Exchange Server on-premises autodiscover first.
The organization has the required autodiscover URL set and correctly configured. However, they keep getting the Microsoft sign in prompts.
Stop Outlook connecting to Office 365
To block Outlook from connecting to Office 365, follow the below steps:
Open Registry Editor as administrator on the client.
Navigate to the below registry subkey. If you don’t see the AutoDiscover subkey, create the subkeys.
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\AutoDiscoverThe registry path corresponds to the Outlook version:
| Outlook version | Registry subkey version |
|---|---|
| Outlook 2016 | 16.0 |
| Outlook 2019 | 16.0 |
| Outlook Microsoft 365 | 16.0 |
Create a DWORD (32-bit) Value. Give it the name ExcludeExplicitO365EndPoint and the value 1.
Restart Outlook on the system. Sometimes, you have to restart the system to have the change take effect.
Verify connection to Microsoft Exchange on-premises
Start Outlook and verify that the Microsoft sign in prompt in Outlook does not appear. It connects directly to the Exchange Server on-premises and not to Microsoft 365/Office 365.
Note: You don’t have to re-create the profiles on the clients after adding the registry key.
Create a new Outlook profile and verify that the Microsoft sign in prompt doesn’t appear.
Note: Don’t forget to remove the registry key once you start migrating mailboxes to Office 365.
Did this help you to fix the Microsoft sign in prompts?
Read more: Outlook prompts for password after migration to Office 365 »
Conclusion
You learned how to prevent Outlook from connecting to Office 365. The solution is to add the ExcludeExplicitO365Endpoint registry key to the client with a value of 1. After testing with one client, deploy it with a GPO to all the clients. No more Microsoft credential prompts in Outlook. Don’t forget to remove the registry key once you start to migrate mailboxes to Office 365.
Did you enjoy this article? You may also like Certificate warning during or after a new Exchange Server installation. Don’t forget to follow us and share this article.
What Others Are Reading
Thank you so much, you saved my day with this solution. Worked 100%
Ali, thank you so much! I just set up a new computer and loaded Office Professional Plus 2021 that I purchased from Indigo. After running for a few days, the Outlook program crashed on Jan. 27, 2024, and Indigo couldn’t fix the problem. I am not at all a tech person, but you turned up in a google search relating to the Outlook problem. Although I’d never heard of a Registry Editor and was very reluctant to mess with it on my new computer, your instructions were very clear and gave me the confidence that you know what you’re talking about. Much to my amazement, following your instructions got Outlook running again. What a relief!!
I’m definitely subscribing to your newsletter. Thanks again.
How this can be done on MacBook?
Thanks for your article Ali! I subscribed our family business to Crazy Domains’ who offer a hosted exchange server. But, we saw the same problem that you described in the article. Your tip to change the Autodiscover in the registry editor was great! However, it seems that any laptop bought in the last year-or-so either doesn’t allow this feature, or, it has moved the folder structure and I can’t find where to make the edit. I am not very skilled in IT but I would REALLY appreciate it if you could offer an answer that fixes my problem.
Thanks in advance
we run exchange 2019 in a hybrid setup. We have an exchange server on prem but its purely used for mail relay; all our mailboxes are hosted in the cloud. We are running the latest version of outlook and all our domain joined laptops are able to download mail via outlook without a vpn or lan connectivity i.e they just need an internet connection. Is there anyway to stop this behaviour?
Yes, you need to create a Conditional Access policy in Azure AD with your preferable settings.
Thanks. Saved my bacon with a migration. I have just set it up in a GPO and will change to 0 when migration is done 🙂
Thank you for the solution, we have been blocked and seeking for a solution to this problem.
You save our day !
This started happening to us last year after setting up ADSync. Creating the registry key was a quick easy fix. But here is why I am commenting:
I have just set up a Full Modern Hybrid Exchange environment, and have been testing different scenarios with dummy mailboxes.
-All user mailboxes are still on prem
-MX records and autodiscover still point to on-prem
I tested a mailbox move to Exchange Online and then went to set up Outlook. I hit a roadblock while trying to connect the account in Outlook and realized it was because of the registry key we had created. It was blocking the Exchange Online login prompt. After deleting the key I was able to set up the account.
This is going to turn into a big issue for a bunch of users that we created the key on. Once we move their mailboxes Outlook won’t be able to reconfigure/reconnect. We could delete the key before moving, but that will bring back the continual annoying login prompts.
I’m wondering if you have seen or know a way to change the order that Outlook uses, rather than disabling O365 Endpoint key completely.
It should automatically connect to Exchange Online when you migrate a mailbox to Exchange Online while the registry key is configured (just tested).
But, I can confirm your findings. I have seen this happening at some organizations and what I did was create a new GPO that removes the registry key and applies it to a security group.
Once the mailboxes are migrated to Exchange Online, they are added to the security group and can connect without issues.