Here is the article: http://technet.microsoft.com/en-us/library/gg398998.aspx
The following Registry Key will disable it:
...where SavePassword is DWORD and the value must be “0”
- Proposed as answer by Tom ArbuthnotMVP Wednesday, June 01, 2011 5:31 PM
Even without passwords saved, clients will 'auto-login' as they are issued a certificate by lync to authenticate.
The only way to stop 'autologin' is to disable cert auth for the Lync system and not save passwords.
It's a little courter intuitive but that's how it works.
Be aware that disabling cert auth may affect your DR scenarios
If a post is helpful, please take a second to hit the green arrow on the left, or mark as answer, thanks
Tom Arbuthnot, Consultant Modality Systems
Blog: Lync'd Up Blog Subscribe: RSS
I don't understand how it work because I have users that, even without save the password, clients will not "auto-login", but there are others users who behave the way you say. For example, when i try to login with the user "lynctest" in my computer (pc1, it's not a member of domain), always ask me for credentials. However, in other computer that also is not a domain member (pc2), when i try to login with the same user, no ask me for credentials. If I revoke the cert auth for lynctest, the first time that log on in pc2 ask me for credencials. Then, never again. In pc1, still works the same way.
I hope your help!
We don't want to disable certs altogether because some users have secure domain-joined workstations.
But others have generic shared workstations and we don't want them to be able to save their password there. We have configured the Lync adm in GPO and set these to disable saved passwords - will this do the trick?
If so, what does that gpo do? Is it just a registry setting? We have some non-domain machines that we would like to set this on too...
Did you ever find a solution for this? I'm in a similar situation.
I can get around it on our XP workstations but our Windows 7 workstations (non-domain computers) will not prompt for the password.
Under XP this is what I do:
a. Go to HKEY_CURRENT_USER\Software
\Microsoft \Communica tor and create DWORD SavedPassword. Set the value to 0.
b. Go to HKEY_CURRENT_USER\Software
\Microsoft \Communica tor and delete the AccountPassword entry.
c. Remove the SIP certificate
d. Remove the stored credentials in Control Panel
It doesn't work in Windows 7 though.
- Proposed as answer by mxm323 Wednesday, May 08, 2013 3:29 PM
For Win 7 stations, in addition to changing or creating and setting the SavePassword value to 0 under HKEY_CURRENT_USER\Software
\Microsoft \Communica tor and create DWORD SavedPassword. Do these other two things:
Under XP and WIN 7 - Search the entire registry for "SavePassword". I found some (1) values under HKUsers in addition to the HKCU.
Under Win7 - I've found the you have to delete out of date "Generic Credentials" that reference OC to EWS and OC to anything. See examples in the image below (SIP URI account scrubbed). There is a similiar place in XP User Accounts, in the Manage Passwords button, but i have never once found a saved credential related to this issue.
To Access Generic Credentials on WIN 7 got to:
Start\Control Panel\User Accounts\Manage your credentials (Top left)\ then Generic Credentials is at the bottom.
try the below it will work. :)
1) sign out and exit completely Lync from (taskBar notification).
2) Go to cmd prompt and do step 3 and 4.
3) reg add HKCU\Software\Microsoft\Communicator /v SavePassword /d 0 /
4) Certutil –delstore –user My firstname.lastname@example.org
5) Login again to lync but now make sure to remove the Tick from the checkbox of "save password"
N.B: in step 4 enter your email and don't delete "My".
Waiting your Feedback!
- Proposed as answer by ahajar Wednesday, February 12, 2014 11:49 AM