Solved

Active Directory Fields used to login

Posted on 2014-01-17
4
341 Views
Last Modified: 2014-01-21
We are trying to set up a single sign-on solution and I was asked if there is another field we can use in Active Directory for login Authentication. Basically they want a user to be given two different ways they can log into the AD domain. We currently log in with First Initial Last name and the password. They want to also use firstname.lastname. So use either JDOE or John.Doe as the user name for the same account. Is that possible in Active Directory?
0
Comment
Question by:JohnMantsch
4 Comments
 
LVL 39

Accepted Solution

by:
footech earned 200 total points
ID: 39790016
No (but let me qualify that).
You have two possible formats for providing the user logon name.  One is the pre-Windows 2000, in the form of DOMAIN\username (in many cases you can omit the DOMAIN\ portion as it is used automatically).  The second is the UserPrincipalName (UPN), in the form of username@domain.com.  The username portion between does not have to be the same between the pre-Windows 2000 and UPN forms (but it's usually a good idea to keep these the same).  The suffix portion of the UPN (@domain.com) can vary (i.e. you can have multiple UPN suffixes within a domain), but only one can be valid for a particular user.
So you could have both of the following be valid:
DOMAIN\jdoe
john.doe@domain.com (but it's more typical for this to be jdoe@domain.com)
0
 
LVL 5

Expert Comment

by:alicain
ID: 39790043
I'll second the "No" answer...it'd be a nice new feature request.
0
 
LVL 35

Expert Comment

by:Mahesh
ID: 39791099
If I can understand your requirement, this is requirement for Microsoft O365 Suite or some thing like that.

What you need to do, just change upper user logon name (UPN) on account tab of user properties in AD to Firstname.Lastname (Which is equal to Email Alias hopefully).
Also you need to specify UPN Suffix that is registered in O365 portal. If its already not there you need to create one through domains and trust.

When user logon to workstation \ network shares, he actually use User logon name (Pre windows 2000) for that.
You can check on client computers the name of his profile folder, you will find it is same as pre windows 2000 logon name

Mahesh
0
 

Author Closing Comment

by:JohnMantsch
ID: 39797201
Thank you
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

As network administrators; we know how hard it is to track user’s login/logout using security event log (BTW it is harder now in windows 2008 because user name is always “N/A” in the grid), and most of us either get 3rd party tools, or just make our…
In this article, we will see the basic design consideration while designing a Multi-tenant web application in a simple manner. Though, many frameworks are available in the market to develop a multi - tenant application, but do they provide data, cod…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …

864 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now