By setting other optional UPN
suffixes you allow users from different domains in the same forest to logon on
with one simple logon naming convention.
Let’s say for example your
domain looks like it does in the diagram below:
In order for JUSER3 to log
into southamerica.gunderville.com using a UPN name they would have to enter JUSER3@southamerica.gunderville.com.
JUSER6 from the northamerica domain would have to enter JUSER6@northamerica.gunderville.com.
If UPN names had been set up
so that all users in the gunderville domain and the two child domains could use
@gunderville.com logins would be simpler as all users would only have to enter
@gunderville.com after inputting their username.
THE FIELD] – Users in
gunderville.com are already going to be logging in with JUSER@gunderville.com
as that is where their actual user accounts exist.
in the two respective child domains are not located in gunderville.com but by
using UPN suffixes they would be able to log into the domain where their user
account existed by simply entering @gunderville.com.
UPN names must
be unique in the forest.
If there is an
actual user account named “Jason” in gunderville.com there can also be a user
account of “Jason” in northamerica.gunderville.com, however, Jason@gunderville.com
would most likely be used by the “Jason” user account in gunderville.com.
The user of
the “Jason” account in northamerica.gunderville.com would have to use some
other @gunderville.com log on name (for example Jasonz@gunderville.com) in
order to make the UPN name unique in the forest.
Well, that wraps up this
section of “Learn Active Directory Design and Administration in 15 Minutes
a Week.” I hope you found it informative and will return for the next
installment. If you have any questions,
comments or even constructive criticism, please feel free to drop me a note. I want to write good, solid
technical articles that appeal to a large range of readers and skill levels and
I can only be sure of that through your feedback.
Until then, best of luck in
your studies and remember,
I used to think that “Legally
Drunk” was the funniest oxymoron I had heard until I heard someone mention
something about “Business Ethics.”
Jason Zandri, MCT, MCSE, Security+ Certified Professional, Certified Information Systems
Security Professional (CISSP),
currently holds the position of Technical Account Manager at Microsoft Corporation
and has worked as a technical trainer and consultant for a variety of corporate
clients in Connecticut over the past six years. He is available to work on an
independent contract basis for technical authoring and editing, including
books, articles, and whitepapers as well as customized corporate training and
Microsoft CTEC training.