strathit
asked on
Need Help getting UPN login to work!
Ok so I have added the UPN suffix (company.local) in Domains and Trusts Properities, and I have selected it in the users AD properities, but when I try and login I get:
"The system could not log you on" Please check...blah blah like the username or password is incorrect.
If I change the UPN in the users proerities to the default domain it works.
Need to make this work asap.
Thx
"The system could not log you on" Please check...blah blah like the username or password is incorrect.
If I change the UPN in the users proerities to the default domain it works.
Need to make this work asap.
Thx
If it's feasable you can have your users go the NT 4 style route with "domain\username" for now (where domain is company instead of company.local - the default). In the mean time I'll toss together a script that will add the UPN to the user account properties in AD. We can address the whys after we get things working for you.
Unitl the domain is in native mode, the Pre-Windows 2000 logon name is tied to the suffix the account was create with, therefore logging in with simply username defaults to the Pre-Windows 2000 logon. You'll either need to use the entire SPN (user@domain) or delete and recreate the user with the other UPN.
ASKER
Thanks for the replies, let me clear up a few things..
The users can login with username and password the traditional way. It is only the "addition" UPS suffix that I added that does not work. The AD domain default UPN works.
This is a windows 2003 domain running in Windows 2000 native mode.
Any other suggestions to get this working would be most helpful.
Thanks!
The users can login with username and password the traditional way. It is only the "addition" UPS suffix that I added that does not work. The AD domain default UPN works.
This is a windows 2003 domain running in Windows 2000 native mode.
Any other suggestions to get this working would be most helpful.
Thanks!
Sorry about that - I completely misread this.
So then, the user@newdomainsuffix logon doesn't work?
Each user account should now have a dropdown box for domain suffix. Is the new domain suffix selected for the test account? Each account can only have one suffix associated with them.
So then, the user@newdomainsuffix logon doesn't work?
Each user account should now have a dropdown box for domain suffix. Is the new domain suffix selected for the test account? Each account can only have one suffix associated with them.
ASKER
correct.
DOES NOT WORK user@newdomainsuffix
WORKS user@defaultdomainsuffix
Yes the new suffix is selected. And it only allows one UPN selection from the drop down box.
DOES NOT WORK user@newdomainsuffix
WORKS user@defaultdomainsuffix
Yes the new suffix is selected. And it only allows one UPN selection from the drop down box.
Create a new account with the new suffix. Does that work?
I think you'll find that the account must be created using the suffix you want to use.
I think you'll find that the account must be created using the suffix you want to use.
ASKER
Nope..can not login with new account created with new UPN.
Nothing in the event logs either. This is driving me crazy!
Nothing in the event logs either. This is driving me crazy!
ASKER
FOUND THE PROBLEM!
The computer that I was using was not a member of the 2003 domain!!!
I joined it to the domain...and it works.
I can change the UPN of any account and login using it now.
Thanks for you replys.
The computer that I was using was not a member of the 2003 domain!!!
I joined it to the domain...and it works.
I can change the UPN of any account and login using it now.
Thanks for you replys.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
So did I!!...lesson to always check the basics first. :)
Points for sticking with me...
Thx
Points for sticking with me...
Thx