Ok, so we've got a remote desktop group setup, Reasonably standard deployment with a couple of shared components, for the most part it works. I'll get some more info on the deployment tomorrow, here's a basic summary of the problem we're facing.
Several users are prompted for Outlook Credentials every time they log back into their sessions. Credentials Manager shows that the Persistence level for the users with this problem is Logon Session, not Enterprise as it is on all the other users without a problem.
I immediately blamed some funky Group Policy as it wasn't occurring to all users, but when it did apply to a user... it stuck & nothing I can change will allow it to store.
Things I've tried:
- Stripping all group policy's away from the User Accounts.
- Recreating the User Account. (Delete, Create)
- Delete all reference to the User Account from the Session Host (Registry, Local User, Roaming Profile, Documents - everything I could find!)
- Tried another Session Host (Problem follows to the new session host.)
- Cloning the User Account. (The Clone works perfectly!!)
- Granting the user account full domain & local administrator.
As a work around I can simply go into Credentials Manager & store the credentials as Enterprise, which sticks... but that's not a workable solution for 30+ users that change their own passwords from time to time. I'm out of ideas of what to try, anyone come across this kind of thing before?
My hunch is it's something nested within AD that's not deleted with user accounts... but I'm pulling at straws.