• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 461
  • Last Modified:

Need Help getting UPN login to work!

Ok so I have added the UPN suffix (company.local) in Domains and Trusts Properities, and I have selected it in the users AD properities, but when I try and login I get:
"The system could not log you on" Please check...blah blah  like the username or password is incorrect.
If I change the UPN in the users proerities to the default domain it works.
Need to make this work asap.
Thx
0
strathit
Asked:
strathit
  • 5
  • 4
1 Solution
 
CharliePete00Commented:
If it's feasable you can have your users go the NT 4 style route with "domain\username" for now (where domain is company instead of company.local - the default).  In the mean time I'll toss together a script that will add the UPN to the user account properties in AD.  We can address the whys after we get things working for you.
0
 
Netman66Commented:
Unitl the domain is in native mode, the Pre-Windows 2000 logon name is tied to the suffix the account was create with, therefore logging in with simply username defaults to the Pre-Windows 2000 logon.  You'll either need to use the entire SPN (user@domain) or delete and recreate the user with the other UPN.

0
 
strathitAuthor Commented:
Thanks for the replies, let me clear up a few things..

The users can login with username and password the traditional way.  It is only the "addition" UPS suffix that I added that does not work.  The AD domain default UPN works.

This is a windows 2003 domain running in Windows 2000 native mode.

Any other suggestions to get this working would be most helpful.

Thanks!
0
Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
Netman66Commented:
Sorry about that - I completely misread this.

So then, the user@newdomainsuffix logon doesn't work?

Each user account should now have a dropdown box for domain suffix.  Is the new domain suffix selected for the test account?  Each account can only have one suffix associated with them.

0
 
strathitAuthor Commented:
correct.
DOES NOT WORK  user@newdomainsuffix
WORKS user@defaultdomainsuffix


Yes the new suffix is selected.  And it only allows one UPN selection from the drop down box.
0
 
Netman66Commented:
Create a new account with the new suffix.  Does that work?

I think you'll find that the account must be created using the suffix you want to use.

0
 
strathitAuthor Commented:
Nope..can not login with new account created with new UPN.
Nothing in the event logs either. This is driving me crazy!
0
 
strathitAuthor Commented:
FOUND THE PROBLEM!

The computer that I was using was not a member of the 2003 domain!!!
I joined it to the domain...and it works.
I can change the UPN of any account and login using it now.

Thanks for you replys.

0
 
Netman66Commented:
Well, yes, that would certainly do it!

Never thought of asking you this since I asuumed you were testing it on a domain-joined PC.

0
 
strathitAuthor Commented:
So did I!!...lesson to always check the basics first.  :)
Points for sticking with me...
Thx
0

Featured Post

Take Control of Web Hosting For Your Clients

As a web developer or IT admin, successfully managing multiple client accounts can be challenging. In this webinar we will look at the tools provided by Media Temple and Plesk to make managing your clients’ hosting easier.

  • 5
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now