Forum Discussion
BTW97
Aug 06, 2024 - Copper Contributor
Best practice when UPN and email address are different but both routable?
Our on-premise AD is a multi-domain forest with different business units in separate child domains. Each child domain uses a UPN of the form username[at]unitX.onpremad.com and we've validated all the...
BTW97
Aug 08, 2024 - Copper Contributor
Lain - thank you so much for taking the time to provide a detailed response. I appreciate it. At least on this page: https://learn.microsoft.com/en-us/windows-server/identity/ad-fs/operations/configuring-alternate-login-id there is a call out that email == UPN is best practice, so I think that's where I got the idea from.
The fact that MS 1st party applications are okay with UPN != mail is encouraging. I had read some (probably outdated) blogs that seemed to suggest that there were known issues with the desktop applications like Outlook needing extra configuration when UPN and email don't match.
Again, thanks for the helpful reply.
LainRobertson
Aug 08, 2024 - Silver Contributor
Hi, Brian.
With respect to Outlook, there's been a fix for a few years now in relation to how AutoDiscover behaves, which given you're a hybrid customer, you could easily deploy to domain-joined machines using Group Policy/SCCM and/or MDM-managed machines using something like Intune.
Cheers,
Lain