[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 459
  • Last Modified:

Need Help getting UPN login to work!

Ok so I have added the UPN suffix (company.local) in Domains and Trusts Properities, and I have selected it in the users AD properities, but when I try and login I get:
"The system could not log you on" Please check...blah blah  like the username or password is incorrect.
If I change the UPN in the users proerities to the default domain it works.
Need to make this work asap.
Thx
0
strathit
Asked:
strathit
  • 5
  • 4
1 Solution
 
CharliePete00Commented:
If it's feasable you can have your users go the NT 4 style route with "domain\username" for now (where domain is company instead of company.local - the default).  In the mean time I'll toss together a script that will add the UPN to the user account properties in AD.  We can address the whys after we get things working for you.
0
 
Netman66Commented:
Unitl the domain is in native mode, the Pre-Windows 2000 logon name is tied to the suffix the account was create with, therefore logging in with simply username defaults to the Pre-Windows 2000 logon.  You'll either need to use the entire SPN (user@domain) or delete and recreate the user with the other UPN.

0
 
strathitAuthor Commented:
Thanks for the replies, let me clear up a few things..

The users can login with username and password the traditional way.  It is only the "addition" UPS suffix that I added that does not work.  The AD domain default UPN works.

This is a windows 2003 domain running in Windows 2000 native mode.

Any other suggestions to get this working would be most helpful.

Thanks!
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
Netman66Commented:
Sorry about that - I completely misread this.

So then, the user@newdomainsuffix logon doesn't work?

Each user account should now have a dropdown box for domain suffix.  Is the new domain suffix selected for the test account?  Each account can only have one suffix associated with them.

0
 
strathitAuthor Commented:
correct.
DOES NOT WORK  user@newdomainsuffix
WORKS user@defaultdomainsuffix


Yes the new suffix is selected.  And it only allows one UPN selection from the drop down box.
0
 
Netman66Commented:
Create a new account with the new suffix.  Does that work?

I think you'll find that the account must be created using the suffix you want to use.

0
 
strathitAuthor Commented:
Nope..can not login with new account created with new UPN.
Nothing in the event logs either. This is driving me crazy!
0
 
strathitAuthor Commented:
FOUND THE PROBLEM!

The computer that I was using was not a member of the 2003 domain!!!
I joined it to the domain...and it works.
I can change the UPN of any account and login using it now.

Thanks for you replys.

0
 
Netman66Commented:
Well, yes, that would certainly do it!

Never thought of asking you this since I asuumed you were testing it on a domain-joined PC.

0
 
strathitAuthor Commented:
So did I!!...lesson to always check the basics first.  :)
Points for sticking with me...
Thx
0

Featured Post

Restore individual SQL databases with ease

Veeam Explorer for Microsoft SQL Server delivers an easy-to-use, wizard-driven interface for restoring your databases from a backup. No expert SQL background required. Web interface provides a complete view of all available SQL databases to simplify the recovery of lost database

  • 5
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now