Keychain Access in Mac stores all the passwords and certificates for websites and applications including proxy authentication. This is a handy tool in mac osx to store password in secured way however the common issue with this tool is storing multiple version of passwords for the same authentication which eventually conflicts and cause lot of frustration and issues. It does happens when the password has been changed or for the new password reset or even when the website url changes the format as it uses the domain name instead of IP address. From my experience I found this issue can become quite annoying and frustrating especially when you are using a mac inside the firewall and proxy server. If you don’t remove the old password from keychain at the time of changing or resetting Active Directory (AD) password, it locks out user account whenever it tries to authenticate through proxy with the old authentication.
So my suggestion is to remove all the stored password from Keychain Access before you change the Active Directory (AD) or Exchange Server password. Once you change the AD password and next time you try to access any public domain or website from inside the firewall it will prompt for proxy authentication as it cannot find any stored password. It will then store your new credentials and hopefully you will not have any account lockout issue.
How to access keychain?
Keychain access application is located under utility folder in the Applications folder. Please see the screen capture below –
Double click on the Keychain Access application to open it. It will show all the stored passwords and certificates for authentication. Remember you have to enter computer username and password if you want to modify the list.
Sometimes keychain access gets corrupted and it does not work properly for various reasons. When it does not work, it might prompt for password again and again. But the good thing is you can analyse and repair your Keychain Acess entries using Keychain Access first aid tool.
How to fix Keychain Access entries?
When Keychain Acess application opens up, click on Keychain Access from the top navigation menu see the image below then select Keychain Access First Aid. You can use keyboard shortcut option+command+a.
Once the First Aid window opens, enter your username and password and make sure verify is selected then click on Start button. It will analyse the Keychain Access entries and display the result at the bottom section of the window see the screen capture below –
You can see from the above screen capture, I have some issues with my Keychain Access entries. The errors are displayed in red colours.
To repair the Keychain Access, make sure you have selected repair radio button then click on Start button again. It will go through repairing the entries. See the screen capture below when it has been repaired.
Now if you do verify again, hopefully you will not get any more errors.