Forum Discussion
Office 365 + local domain .local and external .com shows Users will not be able to sign-in azure ad?
As long as you have the domain verified in O365, you will be able to sync the .com domain correctly. Of course, make sure that it's added as additional UPN suffix on-prem and the corresponding user attributes are changed to reflect the new suffix.
- Thats the part i havent done is add the suffix using the powershell command.. i'm a bit nervous about running it.. doesnt it also change each user to the .com as the way to log in to their machines.. would they know its changed without me stating.. ie: i guess only if they log off and back onto their win 10 machines? Any chance this breaks anything onsite by making them use .com? IE: our local skype is using servername.domain.local for the pool at least.
Not sure which PowerShell cmdlet you are referring to, but adding the suffix in the AD Domains and Trust snap-in is harmless. Changing the user's UPN to reflect the new suffix will change the way they login to some applications, but the old domain\samaccountname method will continue to work.
Ah ok.. so either way no harm even with a brute force command line method?
I think either way, for single sign on to work as it should with exchange online later on, they all need to sign in via .com anyway.. so i'm guessing this is fine
Here is the article for the command line/powershell https://blogs.technet.microsoft.com/canitpro/2015/07/07/step-by-step-changing-the-upn-suffix-for-an-entire-domain-via-powershell/#comment-234715ell
