We have had several support tickets from Workspace users who are being asked to authenticate repeatedly when they open documents from Workspace. This is happening because of IE and MS Office working together.
The Cause (from MS article: http://support.microsoft.com/kb/2019105)
When Internet Explorer opens an Office document, the appropriate Office application is started with the path of the document. The Office application then tries to access the document directly from the server. This differs from other browsers and other file types. Most browsers download the file and call the application to open the file from the local cache. However, when this occurs, if the opened file is changed and saved, the changes are only made to the local copy and not to the server copy.
To establish the richest experience possible, the first thing that the Office application does is communicate with the server to determine the server type and what web authoring protocol is available. The application does this by making an OPTIONS request directly to the server.
As a new process accessing the server, the Office application is required to renegotiate authentication. This method is more secure than a method in which the new process uses an existing authentication that was established by the browser.
The above article provides some resolution options, but this appears to be the most user-friendly:
Select “remember the password” – The requests for credentials can also be less intrusive if the user selects the option to remember the password. This should only be done if the client computer is in a private trusted environment, and it should not be used on a public computer. (Many companies set a policy that prohibits the saving of passwords.) Saving the password will not eliminate the request but will pre-populate it with the information so that only a single click/keystroke is needed to respond. The site should be added to the Trusted Sites zone if this approach is used.
The Trusted Sites Zone (from MS article: http://support.microsoft.com/kb/174360)
This zone contains Web sites that you trust as safe (such as Web sites that are on your organization’s intranet or that come from established companies in whom you have confidence). When you add a Web site to the Trusted Sites zone, you believe that files you download or that you run from the Web site will not damage your computer or data. By default, there are no Web sites that are assigned to the Trusted Sites zone, and the security level is set to Low.
Are your users running into other issues when trying to use Microsoft products? Please let us know!