UPN Suffix - Single Forest Multiple Domain question RRS feed

  • Question

  • Environment:

    I have an environment that is single forest with 3 Tree-Root Domains and one of those domains having a child domain.  The root domain is empty. We use Exchange and are starting to setup outside websites to use ADFS for single-signon.  Our UPNs do not match our e-mail address currently.

    Cleanup process underway:

    We are looking to change our UPNs to match the email addresses and have already done the research with our applications so that we know what will/won't break.  


    The multiple domains were setup for the wrong reason as management was uneducated in the single domain/multiple suffixes ability.  The majority of our users live in domainB and eventually all domains will be consolidated to domainB but not in the near term.  

    We now have new users being hired and placed in domainC but their email address is the same as domainB.  We don't have the option to pull down domainB in the UNC drop down because it is already a domain in the forest.  If I add that to the suffix list, it works but when i look at the UNC path in domainB, domainB shows up twice in the list and I don't want to cause confusion.  I can use powershell to set the UPN to domainB.


    By setting users in domainC with a UPN of domainB using PowerShell, would there be any concern of breaking anything by doing this?  We tested with one user account and the things that he does daily continue to function without issues but just need some validation.


    Jason Apt, Microsoft Certified Master | Exchange 2010 My Blog

    Thursday, January 7, 2016 9:54 PM


All replies