Solved

Need Help getting UPN login to work!

Posted on 2006-07-20
10
449 Views
Last Modified: 2010-05-18
Ok so I have added the UPN suffix (company.local) in Domains and Trusts Properities, and I have selected it in the users AD properities, but when I try and login I get:
"The system could not log you on" Please check...blah blah  like the username or password is incorrect.
If I change the UPN in the users proerities to the default domain it works.
Need to make this work asap.
Thx
0
Comment
Question by:strathit
  • 5
  • 4
10 Comments
 
LVL 7

Expert Comment

by:CharliePete00
ID: 17150217
If it's feasable you can have your users go the NT 4 style route with "domain\username" for now (where domain is company instead of company.local - the default).  In the mean time I'll toss together a script that will add the UPN to the user account properties in AD.  We can address the whys after we get things working for you.
0
 
LVL 51

Expert Comment

by:Netman66
ID: 17150562
Unitl the domain is in native mode, the Pre-Windows 2000 logon name is tied to the suffix the account was create with, therefore logging in with simply username defaults to the Pre-Windows 2000 logon.  You'll either need to use the entire SPN (user@domain) or delete and recreate the user with the other UPN.

0
 

Author Comment

by:strathit
ID: 17167502
Thanks for the replies, let me clear up a few things..

The users can login with username and password the traditional way.  It is only the "addition" UPS suffix that I added that does not work.  The AD domain default UPN works.

This is a windows 2003 domain running in Windows 2000 native mode.

Any other suggestions to get this working would be most helpful.

Thanks!
0
Free eBook: Backup on AWS

Everything you need to know about backup and disaster recovery with AWS, for FREE!

 
LVL 51

Expert Comment

by:Netman66
ID: 17167653
Sorry about that - I completely misread this.

So then, the user@newdomainsuffix logon doesn't work?

Each user account should now have a dropdown box for domain suffix.  Is the new domain suffix selected for the test account?  Each account can only have one suffix associated with them.

0
 

Author Comment

by:strathit
ID: 17167794
correct.
DOES NOT WORK  user@newdomainsuffix
WORKS user@defaultdomainsuffix


Yes the new suffix is selected.  And it only allows one UPN selection from the drop down box.
0
 
LVL 51

Expert Comment

by:Netman66
ID: 17167813
Create a new account with the new suffix.  Does that work?

I think you'll find that the account must be created using the suffix you want to use.

0
 

Author Comment

by:strathit
ID: 17168176
Nope..can not login with new account created with new UPN.
Nothing in the event logs either. This is driving me crazy!
0
 

Author Comment

by:strathit
ID: 17168210
FOUND THE PROBLEM!

The computer that I was using was not a member of the 2003 domain!!!
I joined it to the domain...and it works.
I can change the UPN of any account and login using it now.

Thanks for you replys.

0
 
LVL 51

Accepted Solution

by:
Netman66 earned 500 total points
ID: 17168273
Well, yes, that would certainly do it!

Never thought of asking you this since I asuumed you were testing it on a domain-joined PC.

0
 

Author Comment

by:strathit
ID: 17187523
So did I!!...lesson to always check the basics first.  :)
Points for sticking with me...
Thx
0

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Preface Having the need * to contact many different companies with different infrastructures * do remote maintenance in their network required us to implement a more flexible routing solution. As RAS, PPTP, L2TP and VPN Client connections are no…
Learn about cloud computing and its benefits for small business owners.
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

756 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question