Exchange 2016 OWA Log on UPN format won't work

I'm trying to set my OWA login option to UPN format. However it seems not to work even though I've set it to that format in authentication. See attached.

I'm trying to use the following format | username@domain.com

Only this format works | domain\username

I've also restarted the IIS.
EXCHANGE-2017-11-13-08-59-46.png
sf1eldsNetwork AdministratorAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

CESNetwork AdministratorCommented:
You need to change the forms-based authentication format.

in the ECP, go to Servers > Virtual Directories.  Open the OWA virtual directory and then go to Authentication.  Change the radio button under forms based authentication to meet your needs.

You may need to restart IIS to get this to take effect.
MASEE Solution Guide - Technical Dept HeadCommented:
Did you try after reseting  IIS
iisreset/noforce
sf1eldsNetwork AdministratorAuthor Commented:
@ CES IT: I did exactly that, I included a screen shot in my question.

@ MAS: Yes I did that.
Get Blueprints for Increased Customer Retention

The IT Service Excellence Tool Kit has best practices to keep your clients happy and business booming. Inside, you’ll find everything you need to increase client satisfaction and retention, become more competitive, and increase your overall success.

Pete LongTechnical ConsultantCommented:
Check you user object(s) that their UPN is actually set to what you think it is, and is not the netbios name for the domain. (i.e your email address is not your UPN)
Does the CAS serve you are logging into hate a global catalog server in the same site/subnet object in AD?
sf1eldsNetwork AdministratorAuthor Commented:
@Pete: Totally lost as to what your trying to say here. "Check you user object(s) that their UPN is actually set to what you think it is, and is not the netbios name for the domain. (i.e your email address is not your UPN)
Does the CAS serve you are logging into hate a global catalog server in the same site/subnet object in AD?"
MASEE Solution Guide - Technical Dept HeadCommented:
For testing please change it back to "Username only"  and make sure OWA VDs works fine.
Capture2.PNG
Tom CieslikIT EngineerCommented:
Do you have external name for your domain installed in your active directory ?

In most cases users using different name for inside and outside, so for example inside UPN name is user@domain.local where for outside is like email address: user@domain.com
sf1eldsNetwork AdministratorAuthor Commented:
It works fine with 'username only'. Tried that already.
MASEE Solution Guide - Technical Dept HeadCommented:
I hope you changed your UPN as below. i.e. User logon name is equal to email address.
Capture2.PNG

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
sf1eldsNetwork AdministratorAuthor Commented:
I just tried logging on to the OWA from the local network using "username@domain.local" and that worked.
Tom CieslikIT EngineerCommented:
That's why because you domain.local is recognized and your External domain don't.
sf1eldsNetwork AdministratorAuthor Commented:
@MAS Ok you maybe onto something here. When I go to user properties I'm only seeing "@domain.local". How do I add "@domain.com"?
MASEE Solution Guide - Technical Dept HeadCommented:
Please check this to add a new UPN suffix.
https://technet.microsoft.com/en-us/library/cc772007(v=ws.11).aspx
Pete LongTechnical ConsultantCommented:
This was the point I was trying to make above?

P
Tom CieslikIT EngineerCommented:
That's why I was asking you if external domain name is registered in your Doman. :)

To add UPN suffixes
Open Active Directory Domains and Trusts. To open Active Directory Domains and Trusts, click Start , click Administrative Tools , and then click Active Directory Domains and Trusts .
In the console tree, right-click Active Directory Domains and Trusts , and then click Properties .
On the UPN Suffixes tab, type an alternative UPN suffix for the forest, and then click Add .
Repeat step 3 to add additional alternative UPN suffixes.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Exchange

From novice to tech pro — start learning today.