“Unable to verify account name or password” High Sierra bug

As if logging in as root without a password and constant freezes with external displays weren’t enough, Apple decided to make life even more thrilling for Exchange 2016 users by not supporting http/2 in High Sierra.

Recently, we’ve updated all of our company Macs to macOS 10.13. Since most people use Outlook 2016 as their email/calendar app of choice, initially there were no issues reported. That’s until I tried to add our Exchange to “Internet Accounts” and synchronize contacts and calendar events directly with my OS:

Despite multiple attempts, I always ended up with the same error: “Unable to verify account name or password“. There’s not much about it on Apple support forums – most threads have to do with misconfigured IIS or SSL certs.

At some point, I tried the EWS directly in Safari: lo and behold, 401 Unauthorized. Thanks to some helpful folks online, the problem was quickly narrowed down to http/2. Long story short, the only way to get this working is to change the IIS 10 configuration back to previous version of HTTP protocol.

And it’s pretty easy, too. All you need are two (http + https) registry entries in:

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\HTTP\Parameters

EnableHttp2Tls REG_DWORD 0
EnableHttp2Cleartext REG_DWORD 0

This is what it should look like:

One exchange restart later, and High Sierra finally can sync contacts and calendars.

Fun fact: Apple has known about the issue for months. Originally, it was a problem with iOS 11 (MS had to downgrade their whole O365 cloud to http/1 to prevent widespread disconnects). It has since been fixed in their mobile OS.

6 thoughts on ““Unable to verify account name or password” High Sierra bug”

  1. I do not know how to do this and I am having the same problem. Not computer savvy enough. will apple be able to walk me through this?

  2. Hello,

    Thanks! This is very helpful! However, could you please give us specific instructions on how to change/add the registries? Do you do this under the terminal or do you modify files in the Library folder?

    Thanks!

    1. Simply use regedit to add the entries.

      Be sure you understand this fix must be applied to your Exchange server and NOT your client PC!

        1. Tony – what my article describes are the configuration changes to your Exchange – i.e. the email server, not client.

Leave a Reply

Your email address will not be published. Required fields are marked *