What is the difference in AD Logons

What is the difference in logging onto desktops in ether

usermame:johnd
domain:mydomain

or

username:JohnDoe@mydomain.ParentDomain.com

I have found that using the first method seems to yield more reliable results but I think that the second method is preferred post NT domains. What should we be using and is there any way of using the second method without having to type out @mydomain.ParentDomain.com whenever a different use logs on.
MattWilkinsonAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

theras2000Commented:
There's about 4 ways to login (some available at different places):
1. username: johnd
    domain: mydomain
2. johnd.mydomain.parentdomain.com
3. mydomain\johnd
4. johnd@parentdomain.com

1, 2 & 3 are identical, and match directly to the AD account, in that the spelling and layout is predetermined/static.

Option 4 is configurable by the Domain Admin, and he can make it whatever he likes.  Generally he makes it johnd@parentdomain.com, because that would be the same as John's email address, which is easy to remember.  Quite useful in a multi-domain environment, so that all users in the forest can use the same type of login.
This is known as a UPN suffix, and can be confgured here in AD Domains & Trusts like this: http://support.microsoft.com/kb/243629
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
NikSystems SpecialistCommented:
Whichever way you use, you should get the same result when logging in.
mydomain\username - netbios login pre-2000 domain
username@domainname - Fully Qualified Domain Name login (FQDN)

username
password
domain

-same thing as FQDN.
0
bluntTonyHead of ICTCommented:
The first login is the older NT4 style login, using the domain NetBIOS name then the user sAMAccountName (e.g. DOMAIN\username)
The second is the newer UPN style login used by post NT4 systems. This uses the username together with the DNS domain name (e.g. username@domain.local).
Both result in exactly the same thing, as they both point to the same user account. They're just both available to provide backward compatibility.
For the UPN style login, if you want to shorten the second section for child domains, as this can start getting long as you have said, you can create a custom UPN suffix for the forest. For example, if you have a user in the domain child.parent.local, instead of them having to type in 'username@child.parent.local', you could create a custom UPN suffix, e.g. 'company', then assign this to the user, so the login would be 'username@company'.
How to create a new UPN suffix : http://support.microsoft.com/kb/243629
After you have created the new UPN suffix, it will be available to choose from the drop down box when you create a user, and you can assign it to existing users on the 'Account' tab of the user properties in ADUC.
Tony.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Active Directory

From novice to tech pro — start learning today.