Need Help getting UPN login to work!

Ok so I have added the UPN suffix (company.local) in Domains and Trusts Properities, and I have selected it in the users AD properities, but when I try and login I get:
"The system could not log you on" Please check...blah blah  like the username or password is incorrect.
If I change the UPN in the users proerities to the default domain it works.
Need to make this work asap.
Thx
strathitAsked:
Who is Participating?
 
Netman66Commented:
Well, yes, that would certainly do it!

Never thought of asking you this since I asuumed you were testing it on a domain-joined PC.

0
 
CharliePete00Commented:
If it's feasable you can have your users go the NT 4 style route with "domain\username" for now (where domain is company instead of company.local - the default).  In the mean time I'll toss together a script that will add the UPN to the user account properties in AD.  We can address the whys after we get things working for you.
0
 
Netman66Commented:
Unitl the domain is in native mode, the Pre-Windows 2000 logon name is tied to the suffix the account was create with, therefore logging in with simply username defaults to the Pre-Windows 2000 logon.  You'll either need to use the entire SPN (user@domain) or delete and recreate the user with the other UPN.

0
Cloud Class® Course: C++ 11 Fundamentals

This course will introduce you to C++ 11 and teach you about syntax fundamentals.

 
strathitAuthor Commented:
Thanks for the replies, let me clear up a few things..

The users can login with username and password the traditional way.  It is only the "addition" UPS suffix that I added that does not work.  The AD domain default UPN works.

This is a windows 2003 domain running in Windows 2000 native mode.

Any other suggestions to get this working would be most helpful.

Thanks!
0
 
Netman66Commented:
Sorry about that - I completely misread this.

So then, the user@newdomainsuffix logon doesn't work?

Each user account should now have a dropdown box for domain suffix.  Is the new domain suffix selected for the test account?  Each account can only have one suffix associated with them.

0
 
strathitAuthor Commented:
correct.
DOES NOT WORK  user@newdomainsuffix
WORKS user@defaultdomainsuffix


Yes the new suffix is selected.  And it only allows one UPN selection from the drop down box.
0
 
Netman66Commented:
Create a new account with the new suffix.  Does that work?

I think you'll find that the account must be created using the suffix you want to use.

0
 
strathitAuthor Commented:
Nope..can not login with new account created with new UPN.
Nothing in the event logs either. This is driving me crazy!
0
 
strathitAuthor Commented:
FOUND THE PROBLEM!

The computer that I was using was not a member of the 2003 domain!!!
I joined it to the domain...and it works.
I can change the UPN of any account and login using it now.

Thanks for you replys.

0
 
strathitAuthor Commented:
So did I!!...lesson to always check the basics first.  :)
Points for sticking with me...
Thx
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.