none
UPN attribute name RRS feed

  • Question

  •  article about ''user naming attributes'' says that the user can use the same UPN for login even after the domain is restructured. Can anyone please elaborate on this?
    Friday, August 17, 2018 9:42 AM

Answers

  • The UPN is in the form:

    username@domain.com

    The "username" need not match any other attribute of the user, like sAMAccountName. The UPN suffix in this case is "domain.com". But the user object in AD need not reside in that domain. The domain doesn't even need to exist and the user can still logon with that name. So if the domain is restructured or renamed, or the user is moved, they can still logon with the same UPN.


    Richard Mueller - MVP Enterprise Mobility (Identity and Access)

    Friday, August 17, 2018 1:56 PM

All replies

  • The UPN is in the form:

    username@domain.com

    The "username" need not match any other attribute of the user, like sAMAccountName. The UPN suffix in this case is "domain.com". But the user object in AD need not reside in that domain. The domain doesn't even need to exist and the user can still logon with that name. So if the domain is restructured or renamed, or the user is moved, they can still logon with the same UPN.


    Richard Mueller - MVP Enterprise Mobility (Identity and Access)

    Friday, August 17, 2018 1:56 PM
  • Thank you!

    Wednesday, August 22, 2018 5:40 AM