Solved

Need Help getting UPN login to work!

Posted on 2006-07-20
10
452 Views
Last Modified: 2010-05-18
Ok so I have added the UPN suffix (company.local) in Domains and Trusts Properities, and I have selected it in the users AD properities, but when I try and login I get:
"The system could not log you on" Please check...blah blah  like the username or password is incorrect.
If I change the UPN in the users proerities to the default domain it works.
Need to make this work asap.
Thx
0
Comment
Question by:strathit
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
10 Comments
 
LVL 7

Expert Comment

by:CharliePete00
ID: 17150217
If it's feasable you can have your users go the NT 4 style route with "domain\username" for now (where domain is company instead of company.local - the default).  In the mean time I'll toss together a script that will add the UPN to the user account properties in AD.  We can address the whys after we get things working for you.
0
 
LVL 51

Expert Comment

by:Netman66
ID: 17150562
Unitl the domain is in native mode, the Pre-Windows 2000 logon name is tied to the suffix the account was create with, therefore logging in with simply username defaults to the Pre-Windows 2000 logon.  You'll either need to use the entire SPN (user@domain) or delete and recreate the user with the other UPN.

0
 

Author Comment

by:strathit
ID: 17167502
Thanks for the replies, let me clear up a few things..

The users can login with username and password the traditional way.  It is only the "addition" UPS suffix that I added that does not work.  The AD domain default UPN works.

This is a windows 2003 domain running in Windows 2000 native mode.

Any other suggestions to get this working would be most helpful.

Thanks!
0
Why You Need a DevOps Toolchain

IT needs to deliver services with more agility and velocity. IT must roll out application features and innovations faster to keep up with customer demands, which is where a DevOps toolchain steps in. View the infographic to see why you need a DevOps toolchain.

 
LVL 51

Expert Comment

by:Netman66
ID: 17167653
Sorry about that - I completely misread this.

So then, the user@newdomainsuffix logon doesn't work?

Each user account should now have a dropdown box for domain suffix.  Is the new domain suffix selected for the test account?  Each account can only have one suffix associated with them.

0
 

Author Comment

by:strathit
ID: 17167794
correct.
DOES NOT WORK  user@newdomainsuffix
WORKS user@defaultdomainsuffix


Yes the new suffix is selected.  And it only allows one UPN selection from the drop down box.
0
 
LVL 51

Expert Comment

by:Netman66
ID: 17167813
Create a new account with the new suffix.  Does that work?

I think you'll find that the account must be created using the suffix you want to use.

0
 

Author Comment

by:strathit
ID: 17168176
Nope..can not login with new account created with new UPN.
Nothing in the event logs either. This is driving me crazy!
0
 

Author Comment

by:strathit
ID: 17168210
FOUND THE PROBLEM!

The computer that I was using was not a member of the 2003 domain!!!
I joined it to the domain...and it works.
I can change the UPN of any account and login using it now.

Thanks for you replys.

0
 
LVL 51

Accepted Solution

by:
Netman66 earned 500 total points
ID: 17168273
Well, yes, that would certainly do it!

Never thought of asking you this since I asuumed you were testing it on a domain-joined PC.

0
 

Author Comment

by:strathit
ID: 17187523
So did I!!...lesson to always check the basics first.  :)
Points for sticking with me...
Thx
0

Featured Post

Instantly Create Instructional Tutorials

Contextual Guidance at the moment of need helps your employees adopt to new software or processes instantly. Boost knowledge retention and employee engagement step-by-step with one easy solution.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Scenerio: You have a server running Server 2003 and have applied a retail pack of Terminal Server Licenses.  You want to change servers or your server has crashed and you need to reapply the Terminal Server Licenses. When you enter the 16-digit lic…
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
Finding and deleting duplicate (picture) files can be a time consuming task. My wife and I, our three kids and their families all share one dilemma: Managing our pictures. Between desktops, laptops, phones, tablets, and cameras; over the last decade…

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question