Avatar of banu111
banu111
 asked on

What is the difference between user principal name and same account name

Can anybody explain what is the difference.
I am working on an project where I am using
Userprincipal.Getattribute("samaccountname");
Userprincipal.Getattribute("userprincipalname");
Application ServersActive DirectoryC#

Avatar of undefined
Last Comment
Ess Kay

8/22/2022 - Mon
motnahp00

samaccountname = User logon name
userprincipalname = User logon name + (UPN) suffix

UPN logon looks just like an email address.
Ess Kay

here is a basic difference



Applies to: desktop apps only
The logon name used to support clients and servers running earlier versions of the operating system, such as Windows NT 4.0, Windows 95, Windows 98, and LAN Manager. This attribute must be less than 20 characters to support earlier clients.
CN      SAM-Account-Name
Ldap-Display-Name      sAMAccountName
Size      Less than 20 characters.
Update Privilege      Domain administrator
Update Frequency      This value should be assigned when the account record is created, and should not change.
Attribute-Id      1.2.840.113556.1.4.221
System-Id-Guid      3e0abfd0-126a-11d0-a060-00aa006c33ed
Syntax      String(Unicode)




Applies to: desktop apps only
This attribute contains the UPN that is an Internet-style login name for a user based on the Internet standard RFC 822. The UPN is shorter than the distinguished name and easier to remember. By convention, this should map to the user email name. The value set for this attribute is equal to the length of the user's ID and the domain name. For more information about this attribute, see the Naming Properties topic in the Active Directory guide.
CN      User-Principal-Name
Ldap-Display-Name      userPrincipalName
Size      -
Update Privilege      Domain administrator or account owner.
Update Frequency      In theory this should never change.
Attribute-Id      1.2.840.113556.1.4.656
System-Id-Guid      28630ebb-41d5-11d1-a9c1-0000f80367c1
Syntax      String(Unicode)


UPN has no character limit
UPN is typically the email address  (username @ domain,
    as oppsed to the SAN which is a short version of the username


hope this helps

ref:
http://msdn.microsoft.com/en-us/library/windows/desktop/ms680857(v=vs.85).aspx
http://msdn.microsoft.com/en-us/library/windows/desktop/ms679635(v=vs.85).aspx
ASKER CERTIFIED SOLUTION
Brian Pierce

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
Anuradha Goli

http://msdn.microsoft.com/en-us/library/windows/desktop/ms677605(v=vs.85).aspx

Applies to: desktop apps only
This attribute contains the UPN that is an Internet-style login name for a user based on the Internet standard RFC 822. The UPN is shorter than the distinguished name and easier to remember. By convention, this should map to the user email name. The value set for this attribute is equal to the length of the user's ID and the domain name. For more information about this attribute, see the Naming Properties topic in the Active Directory guide.
CN      User-Principal-Name
Ldap-Display-Name      userPrincipalName
Size      -
Update Privilege      Domain administrator or account owner.
Update Frequency      In theory this should never change.
Attribute-Id      1.2.840.113556.1.4.656
System-Id-Guid      28630ebb-41d5-11d1-a9c1-0000f80367c1
Syntax      String(Unicode)
I started with Experts Exchange in 2004 and it's been a mainstay of my professional computing life since. It helped me launch a career as a programmer / Oracle data analyst
William Peck
Ess Kay

lol  

@anuradhay, you did NOT just re paste half of my answer