I have my domain accounts set up with user names, not email addresses. How can I make it so they can authenticate with an email address instead of user accounts?
Tags: Email Clients, Exchange, Active Directory
Last comment: gwickert, 8/22/2022 - Mon
arnold
You're not specifying where they authenticate. Usernames in an AD environment have the format username@addomainname; the addomainname is set when the system onto which they log in is joined to the domain.
Presumably you have addomainname.local while your public email is addomainname.com.
An AD user can have multiple email addresses, aliases, ...
Tim Dawson
ASKER
You are correct. They authenticate with user.domain.local. I need them to authenticate with email.domain.com.
arnold
Is this a specific application where you have this requirement? If so, you would have to build the email-to-user translation mechanism.
Not sure whether a user can have two entries, or whether the AD can be defined with addomainname.local as primary when used to join while accepting addomainname.com as a reference/acceptable substitute. It is possible for email. I have to recheck the AD structure to see whether a user record can have multiple username@ type of records.
Yes, the application needs this. How do I build the mechanism?
arnold
Is the user's email, with which you want them to access, part of their AD user contact set? You would need to search through the AD to locate the username whose email is being provided and use it with the password the user provides to validate.
Glen
OK, let me explain better. I have an Outlook Web Access site set up as: https://mail.<domain>.com/owa
The user logs in using <ADAccount> and password. The AD account user name is something like john245. He has an email address: jsmith@<domain>.com
My application needs the login account to be the e-mail address not the john245.
Now that you have provided detail, searching for "change exchange owa login use" displays an assortment of responses, some whose links I cannot place here.
The PowerShell Exchange cmdlet that will deal with altering the login from the username to the AD-based domain name is:
Set-OwaVirtualDirectory
The implication, though, as gwickert pointed out, is that the user will have to use username@domain.com to access all resources once this change is made.
An alternative is post-processing: you know the username, so the email being accessed is known as well ...
Or there is more detail that could further this along?
gwickert
Hi Tim,
In that case, you can set OWA to use UPN as the login attribute. I actually think more recent versions (perhaps 2007 plus, don't quote me) allow login via UPN by default. You would then go through my above post of adding a UPN suffix of 'mydomain.com', set that on all users, then it should work.
Further to the above, I read some anecdotal evidence on another site which said that setting UPN to have a custom suffix will NOT stop the default UPN suffix from working. I can't confirm this, so testing would be required.
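The UPN approach gwickert describes, combined with the Set-OwaVirtualDirectory cmdlet arnold names, as an added example that is not part of any post in this thread. `example.com` and the `EX01` server name are placeholders, and it assumes each user's `mail` attribute holds the address they should log in with.

```powershell
# Added example. Placeholders (not from the thread): mail domain and Exchange server name.
$MailDomain = 'example.com'                   # stands in for the public e-mail domain
$OwaVdir    = 'EX01\owa (Default Web Site)'   # hypothetical server\virtual-directory identity

Import-Module ActiveDirectory

# 1. Register the mail domain as an additional UPN suffix for the forest.
$forest = Get-ADForest
if ($forest.UPNSuffixes -notcontains $MailDomain) {
    Set-ADForest -Identity $forest -UPNSuffixes @{Add = $MailDomain}
}

# 2. Collect the user accounts whose mail attribute is in that domain.
$users = Get-ADUser -LDAPFilter "(&(objectCategory=person)(mail=*@$MailDomain))" -Properties mail

# Two accounts must not end up with the same UPN: stop if any mail value is shared.
$dupes = $users | Group-Object { $_.mail.ToLower() } | Where-Object Count -gt 1
if ($dupes) {
    $dupes | ForEach-Object { Write-Warning "Duplicate mail value: $($_.Name)" }
    throw 'Resolve duplicate mail attributes before changing UPNs.'
}

# 3. Set UPN = mail for each user. -WhatIf only reports the change;
#    remove it after reviewing the output on a test OU or a few pilot accounts.
foreach ($u in $users) {
    if ($u.UserPrincipalName -ne $u.mail) {
        Set-ADUser -Identity $u -UserPrincipalName $u.mail -WhatIf
    }
}

# 4. In the Exchange Management Shell: make the OWA logon form expect a UPN.
Set-OwaVirtualDirectory -Identity $OwaVdir -LogonFormat PrincipalName -WhatIf

# Confirm the current setting before and after the change.
Get-OwaVirtualDirectory -Identity $OwaVdir | Format-List Name, LogonFormat, DefaultDomain
```

The sAMAccountName (john245 in the thread's example) is not modified by any of these steps, so only the UPN form of the login changes.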