Home > Mac administration, Office 2011 > Microsoft Lync keychain password prompt on login

Microsoft Lync keychain password prompt on login

One of my users ran into an issue recently when launching Microsoft Lync. When the Lync application logged into the Lync server, a Microsoft Lync wants to use OC_KeyContainer_username@company.com. Please enter the keychain password prompt appeared.

Screen Shot 2013-12-02 at 11.07.19 AM

The curious thing was that the keychain prompt would not accept the user’s current login password. When I checked, the user’s login keychain was unlocked and using the current password, so it didn’t appear to be caused by the login keychain password issues that I normally deal with.

After some research, I was able to find the answer and get this issue fixed. See below the jump for the details.

 

The fix:

 

1. Quit out of Microsoft Lync

2. Go to /Users/username/Library/Keychains

3. Remove the OC_KeyContainer__username@company.com file from /Users/username/Library/Keychains.

4. Launch Microsoft Lync

5. On relaunch, the prompt no longer appeared.

 

What caused the password prompt?:

 

Microsoft Lync creates a keychain file to store encryption keys. The file is physically stored in /Users/username/Library/Keychains and is named something similar to OC_KeyContainer__username@company.com.

Screen Shot 2013-12-02 at 11.04.06 AM

 

The password for this keychain is not tied to the user’s account password and it looks like the Lync program itself will automatically generate a randomized password for it. The password to unlock that keychain is then stored in the user’s login keychain.

 

Screen Shot 2013-12-02 at 11.03.39 AM

 

Occasionally, something in Lync happens that causes this keychain to refuse to work properly. In that event, a pop-up may appear requesting a password.

 

Screen Shot 2013-12-02 at 11.07.19 AM

 

Removing the OC_KeyContainer__username@company.com keychain file will force Lync to create a new one.

 

Screen Shot 2013-12-02 at 11.05.23 AM

 

 

Screen Shot 2013-12-02 at 10.40.29 AM

 

When Lync is relaunched, it will generate a new OC_KeyContainer__username@company.com keychain file with a new randomized password and store it in /Users/username/Library/Keychains.

 

An interesting thing about this OC_KeyContainer keychain and associated password entry is that the persistence of it appears to be tied to whether or not Lync is set to save the user’s account password.

If the password is set not to be saved:

Screen Shot 2013-12-02 at 11.26.56 AM

 

The OC_KeyContainer__username@company.com keychain and OC_KeyContainer__username@company.com password entry in the user’s login keychain are created when Lync connects to the Lync server.

Once the Lync application is quit, the OC_KeyContainer__username@company.com keychain and application password entry are automatically deleted. On relaunch, a new OC_KeyContainer__username@company.com keychain and application password entry in the user’s login keychain are created.

If the password is set to be saved:

 

Screen Shot 2013-12-02 at 11.27.01 AM

If they do not already exist, the OC_KeyContainer__username@company.com keychain and OC_KeyContainer__username@company.com password entry in the user’s login keychain are created when Lync connects to the Lync server. A Microsoft Lync password entry is also created in the user’s login keychain if one does not already exist.

Once the Lync application is quit, the OC_KeyContainer__username@company.com keychain and application password entry persist and are not automatically deleted. On relaunch, Lync will look for and re-use the existing OC_KeyContainer__username@company.com keychain and OC_KeyContainer__username@company.com password entry.

  1. December 31, 2013 at 12:32 am

    Totally worked and saved my day from the annoying prompt. Thanks!

  2. February 6, 2014 at 3:17 pm

    So, thanks for the article, Microsoft referred me to this to troubleshoot some issues with MAC. However, my users do not have the file @ the location above (step 3) … they are running MAC 10.9.1 and do not have the OC file @ /Users/username/Library/Keychains. Any ideas?

  3. Scott
    October 3, 2014 at 10:53 pm

    I recently updated Office and have the OC-Keychain popup issue with Lync. However, I too do not have the file in my /Library/Keychains folder or in the KeyChain Utility app. So I cannot take the steps outlined. I see Greg S had a similar issue in Feb. Any fixes or ideas? I have tried a a number of things. I even reinstalled Lync. That didn’t work.

    • dheeraj
      March 9, 2016 at 9:25 pm

      It worked for me. The specified path was not available to me either through Finder. I was able to access it through terminal. go to terminal and navigate to below path.
      /Users//Library/Keychains. you will find the OC_Keycontainer_* file in the path. Now just use ‘rm OC_KeyContainer__email@company.com‘ . That will delete the file.

      • ibukki
        September 30, 2016 at 2:02 am

        Saved my life, need to go with command line !

      • Joseph
        October 14, 2016 at 3:45 am

        Thanks, your suggestion works perfectly.

  4. Indi
    October 14, 2014 at 6:54 am

    Great!! This time i dint have to go back to sysadmin and waste 2 to 3 days for this!!!

  5. November 14, 2014 at 6:46 pm

    Reblogged this on Raul E. Santos.

  6. Lisa
    December 11, 2014 at 1:48 pm

    You’ll likely not be able to go to userid/Library/Keychains by just clicking through the Finder, you need to get there using Finder’s menu Menu->Go->Go to Folder and type in ‘~/Library/Keychains’ (you can copy paste that). Or Shift+Command+G and put in the same thing. That’ll take you to /Users/’your userid’/Library/Keychains.

    • August 2, 2016 at 2:19 pm

      I know this is really old, but I just found this and it totally worked- hours wasted trying to figure this out so thank you!

      • Rafa
        November 10, 2016 at 3:54 pm

        It worked for me too !!!!!!! great solution

    • September 8, 2016 at 9:39 pm

      Thank You So Much!!! That pop-up was driving crazy.

    • Rajesh
      October 4, 2016 at 7:23 am

      Thanks Lisa, This worked like a charm for me. Thanks so much..

    • Rob
      March 21, 2017 at 2:25 pm

      Actually, was the only way that works for me on OS Sierra!!! Great, Thanks you so much!

  7. Shreekant
    February 11, 2015 at 12:06 pm

    This works completely fine,,, thanks lisa

    You’ll likely not be able to go to userid/Library/Keychains by just clicking through the Finder, you need to get there using Finder’s menu Menu->Go->Go to Folder and type in ‘~/Library/Keychains’ (you can copy paste that). Or Shift+Command+G and put in the same thing. That’ll take you to /Users/’your userid’/Library/Keychains.

    • October 18, 2016 at 8:40 am

      Thanks man its great
      you save me 😀
      both two ways above not working with me even terminal

  8. Naruto
    February 12, 2015 at 11:41 pm

    So what if the directory userid/library/keychains don’t exist?

  9. RG
    February 23, 2015 at 11:08 pm

    totally worked!!!! Thanks for tip….

  10. Dilen
    April 17, 2015 at 10:28 am

    Hello! thank you so much… worked for me as well

  11. April 29, 2015 at 9:00 pm

    This fixed my problem. Thanks for your help.

  12. Vijay
    June 15, 2015 at 2:16 pm

    very much useful link…

  13. Mike
    July 13, 2015 at 11:25 am

    great this works

  14. Danny
    July 30, 2015 at 4:21 pm

    Thanks worked for me! In Finder , hold alt/option and click Go > Library , you will see the keychains folder.

  15. Pavel
    August 21, 2015 at 10:50 am

    Second possibility is:

    Press CMD+shift+G…… write path: ~/Library/Keychains and Delete that one.

    😉

  16. joe styler
    October 21, 2015 at 4:16 pm

    Thanks for the help! This was annoying me for days.

  17. October 26, 2015 at 8:47 pm

    Rich, you’re a beast! Thanks again and as always for posting great info.

    I have a slight twist on this issue and wonder if it’s related. When starting Excel, PowerPoint, Outlook or OneNote, I get a similar keychain error that reads ” wants to use your confidential information stored in ‘Microsoft Identity 4F7322BE-C519-4E56-9738-1C86EEB7244D’ in your keychain”. The item is in my unlocked login keychain but I can’t monify it to add the last few apps (unrecognized p/w). Then I realized that ALL my keychain items are inaccessible even though my login keychain is unlocked. I noticed this shortly after my in place upgrade to El Capitan. Are these issues related? TIA.

  18. Mukesh
    November 3, 2015 at 1:26 am

    Thanks for this piece of advice as i struggled couple of days to get rid of pop up messages

  19. Mike
    November 5, 2015 at 10:16 pm

    Resolved my issue. Thank you for posting this detailed fix.

  20. Ash
    November 23, 2015 at 9:44 pm

    Deleting the OC_Keycontainer in the keychain worked. Hold Alt when selecting the Finder->Go To options as that would also show hidden files.

    • Rbobert Bachman
      October 24, 2016 at 6:13 pm

      Man talk about an easy fix thanks for the insight

  21. jk
    December 22, 2015 at 4:54 am

    Thanks for the well-explained article!! I love your explanation more than the solution. Thanks heaps!

  22. Hari
    January 6, 2016 at 2:10 pm

    Thank you. Awesome article.

  23. January 8, 2016 at 10:10 pm

    Thanks greatly! This really worked solve the problem. Kudos!

  24. jack
    March 3, 2016 at 3:12 pm

    Thanks man, saved me!

  25. dheeraj
    March 9, 2016 at 9:26 pm

    It worked for me. The specified path was not available to me either through Finder. I was able to access it through terminal. go to terminal and navigate to below path.
    /Users//Library/Keychains. you will find the OC_Keycontainer_* file in the path. Now just use ‘rm OC_KeyContainer__email@company.com‘ . That will delete the file.

  26. Venkat
    April 11, 2016 at 1:50 am

    Thank you Thank you!!!!!! This is life saver from that annoying prompt.

  27. juan carlos
    April 21, 2016 at 11:48 pm

    thanks a lot 😉

  28. Adam DeRidder
    April 22, 2016 at 1:30 pm

    Thank you. That worked for me too. However, I did not see the ‘Library’ folder at first. Once I was inside my home folder, I had to click the ‘gear’ icon in Finder than choose the menu option to ‘Show View Settings’ the check the box to ‘Show Library’. That worked for me. Thank you.

  29. April 26, 2016 at 2:14 am

    yes it was a great help.

  30. Kevin
    May 11, 2016 at 4:59 pm

    You are awesome. Thx for the help

  31. Kevin
    June 25, 2016 at 6:15 pm

    Thank you for the fix, Shift+Command+G and pasted ‘~/Library/Keychains’ (found the file, OC_KeyContainer__email@company.com, deleted, and everything is back to normal)

    • Beca
      November 19, 2016 at 11:37 pm

      Thank you so much! This simple step helped me out after lots of time wasted to find that OC keychain

  32. Kasturi
    August 3, 2016 at 11:23 pm

    Thank you for your help. It worked 🙂

  33. GGSophia
    September 8, 2016 at 10:25 pm

    Is there anyone who could not get the problem solved by deleting the keychain file?

  34. CPW
    September 12, 2016 at 11:48 am

    Still works. Had this issue this morning. And now I’m up and running

  35. September 15, 2016 at 5:51 pm

    For what it’s worth this happened to me after upgrading one of my test machines to macOS 10.12 GM earlier today (either that or my enabling unlock with Apple Watch – but not sure that’s possible). Thanks Rich!

  36. Robert T
    September 21, 2016 at 8:12 pm

    Fixed my issue after upgrading to macOS Sierra.

  37. September 23, 2016 at 8:04 am

    Fixed it for me after my machine associated to the wrong network at work. Thank you.

  38. September 23, 2016 at 11:35 am

    I lived with this for too long, thanks for the fix!

  39. LEE KENDRICK
    September 26, 2016 at 9:36 am

    Great – thanks

  40. Saumitra S
    September 26, 2016 at 3:26 pm

    That was really helpful. Thanks !!

  41. September 26, 2016 at 4:13 pm

    Worked perfectly. Thank you for the detailed and accurate info.

  42. German
    September 26, 2016 at 6:04 pm

    In the macOS Sierra is -> Shift+Command+G and pasted ‘~/Library/Keychains’ and deleted OC_KeyContainer__email@company.com

  43. Arjun Kalidas
    September 27, 2016 at 5:37 am

    Thanks a lot buddy. You saved me a hell of a lot of trouble!

  44. Erik Viklander
    September 28, 2016 at 6:27 am

    Run into this problem today. Your solution worked like a charm, thank you very much!

  45. Rob
    September 28, 2016 at 2:33 pm

    This happened to me too. With sierra or otherwise, the name of that file changed when it was recreated to have “-db” added on the end of the file name.

  46. JP Moatti
    September 28, 2016 at 2:37 pm

    AWWESONESS!!!! Thank you!

  47. Lindy Talbot
    September 29, 2016 at 1:40 pm

    I upgraded to Sierra last week and it Lync continued to work numerous times after… until I restarted this morning. Then this issue. Following the removal instructions for the file did not work. What DID work for me was to completely uninstall Lync (I have Clean My Mac 3 and did the uninstall from there.) I reinstalled Lync and it took a while (spinner for about 2 minutes?) but it connected and is up and running.

  48. JP
    September 29, 2016 at 3:54 pm

    I do not have the oc keychain…. how do i delete it to fix a problem when i do not have it?

  49. JP
    September 29, 2016 at 5:38 pm

    I updated last night… I have no OC keychains at all and my password is correct yet it gives me this prompt. I try to enter my current password for the LYNC account and it denies me. We run parallels and when I go to the LYNC on that side everything works so the passwords are correct for everything. I guess Ill have to wait on IT to give me a copy of the disk to reinstall?

  50. September 29, 2016 at 9:05 pm

    Worked for me, thanks a lot!

  51. teknorulez
    October 3, 2016 at 3:27 pm

    Thanks a lot, the tip worked perfectly!

  52. October 4, 2016 at 5:13 am

    More than three years this article was written and it is relevant and helpful. Thanks for sharing.

  53. October 4, 2016 at 2:52 pm

    Thanks! Saved my day!

  54. JP
    October 4, 2016 at 2:58 pm

    I deleted the key chain now it is telling me my sign in failed because my user name doesn’t exist or my password is wrong which both are correct….

  55. October 4, 2016 at 4:29 pm

    Thanks, this resolved my issue. I had to hold ALT on the keyboard for the Library folder to show up for the users.

  56. October 5, 2016 at 8:53 am

    Thanks a lot it helped me.

  57. rajtash
    October 6, 2016 at 5:38 am

    even after removing keychain file, sign in to Microsoft Lync failed because the service is not available or you may not be connected to internet.

    Solution?

  58. Peter C
    October 7, 2016 at 2:39 am

    Worked! How great. Thanks much.

  59. October 7, 2016 at 12:29 pm

    THANK YOU !!!!

  60. Mic G
    October 10, 2016 at 8:23 pm

    Thanks!!!

  61. red
    October 11, 2016 at 2:41 pm

    Thanks, 3 years later and still a good post.

  62. Ben Godfry
    October 11, 2016 at 8:02 pm

    I can’t say thank you enough. This was impossible to solve without this post. Thanks again.

  63. Floooooo
    October 12, 2016 at 10:01 am

    Thank you!!

  64. October 12, 2016 at 11:02 am

    A nice simple fix to an annoying problem. Thanks for taking the time to post this.

  65. bijo
    October 14, 2016 at 1:51 pm

    thanks a lot. I have same issue when i updated to macOS

  66. cjace
    October 17, 2016 at 12:00 am

    Thanks for this, I started getting this error when I upgraded to Sierra.

    I had to type cd /Users/[username]/Library/Keychains into terminal and then the remove command rm OC_KeyContainer__username@company.com

  67. Xavier
    October 17, 2016 at 10:34 pm

    Thanks, I just had this problem !!!

  68. stanosmith
    October 18, 2016 at 4:35 pm

    Worked like a charm! This happened to me after upgrading to macOS Sierra as well.

  69. Florence
    October 18, 2016 at 10:22 pm

    none of this works

  70. October 19, 2016 at 5:26 am

    In terminal:
    rm -rf ~/Library/Keychains/OC_KeyContainer__*

  71. October 21, 2016 at 4:50 pm

    OMG! I cannot thank you enough!

    For those having trouble:
    To find the Keychains Folder – go to Finder, hold the “option” key and then click the “Go” menu at the top and you will see the Libraries folder appear. Keychains is in there.

  72. Borgo
    October 25, 2016 at 9:13 am

    Great description, thanks man

  73. Kartick Vijayakumar
    October 26, 2016 at 11:21 am

    World owes this guy a beer! Thanks mate..

  74. November 5, 2016 at 5:54 am

    Awesome! Perfectly helpful. Thank you.

  75. Maya kharat
    November 8, 2016 at 6:07 am

    Thank you so much..It was a great help….i was struggling through this issue from last 4-5 days….thanks…

  76. Alan
    November 8, 2016 at 8:35 pm

    Thanks! This has been bugging me for a month.

  77. MK
    November 10, 2016 at 12:30 pm

    This is still happening and your blog is still saving people. Microsoft: must we continue to remind you that you should fix this?

  78. Lyn
    November 18, 2016 at 2:03 pm

    Thanks for the tip! Worked great. I’m forced to use Lync to support one of my customers – nice to be connected with them again.

  79. Jose
    November 18, 2016 at 2:05 pm

    Thank you!

  80. alsdfjsaldfsdf
    November 30, 2016 at 10:23 pm

    Didn’t work at first, but it did after restarting!

  81. December 8, 2016 at 7:24 pm

    Thanks, that sorted it.

  82. Alexey Strakh
    December 12, 2016 at 11:40 pm

    awesome! Thank you

  83. cherukuri.ns@gmail.com
    December 20, 2016 at 3:07 am

    Thanks a Lot!! This was driving me crazy!

  84. February 17, 2017 at 8:35 pm

    Thanks!

  85. LAKSHMI NARASIMHAN S
    February 24, 2017 at 4:24 am

    Thanks a lot..

  86. maulik
    February 27, 2017 at 2:58 pm

    Its works for me too thanks

  87. Hanz Abdulkalam
    March 15, 2017 at 9:33 am

    IT WORKS!!

  88. March 23, 2017 at 1:13 pm

    Thank You! You save my time!

  89. Ash
    March 29, 2017 at 5:10 am

    You’re a legend (kiwi term for awesome!) – you saved me a bunch of time, the fix was right near the start of your post and easy to follow. Thanks!

  90. Anuj
    April 17, 2017 at 6:16 am

    Thanks so much. Very helpful. Worked!

  91. Carl
    April 28, 2017 at 8:07 am

    Rich Trouton, today you are my hero. Thank you so much for posting this!

  92. PRATEEK NAYAN
    May 9, 2017 at 9:29 am

    Thanks a lot. Good description. Saved my day. KUDOS !!

  93. Rits
    May 12, 2017 at 5:25 am

    Thanks! This helped me a lot

  94. June 27, 2017 at 6:51 am

    Many Thanks! Best regards from Germany.

  95. July 3, 2017 at 2:47 pm

    Thanks – worked like a charm to eliminate this bothersome problem!

  96. Simon Berry
    August 17, 2017 at 9:34 am

    Worked – thanks

  97. August 31, 2017 at 3:46 pm

    Thanks!! Great directions

  98. qayshp
    September 21, 2017 at 6:19 pm

    Still useful today 🙂
    Thanks for writing this up!

  99. Alan Taylor
    October 4, 2017 at 8:41 am

    Very helpful. Thanks!

  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: