Joining a DC with SAM Account vs UPN

ComputerHabit 821 Reputation points
2022-09-28T12:23:05.447+00:00

I was wondering what would make UPN work versus using the Pre-Win2K samaccount name when joining a DC to an existing domain.

I’m setting up DC’s between sites. When adding a DC at the remote site the list of domains wouldn’t come up and got errors about server not available. I was using the Domain\admin samaccount name.

When I switched to UPN everything worked as it should.

I’m trying to explain this to myself but I’m not sure why UPN worked and not Samaccount.

Can anyone give me an idea why?

Active Directory
Active Directory
A set of directory-based technologies included in Windows Server.
6,008 questions
0 comments No comments
{count} votes

2 answers

Sort by: Most helpful
  1. SChalakov 10,271 Reputation points MVP
    2022-10-06T08:28:43.483+00:00

    Hi @ComputerHabit ,

    hard to tell, because this could depend on DNS settings (or how the down level logon name - domain\SamAccountName is resolved) or it could also depend on some NTLM settings (Group Policy or so). This could play a keyy role, especially in bigger envirtonments with multiple domains in the same forest.
    This is a very intersting diuscssion on the topic, you might just find a some hints there:

    Any difference between DOMAIN\username and username@keyman .local?
    https://serverfault.com/questions/371150/any-difference-between-domain-username-and-usernamedomain-local

    This one I would also recommend:

    User principal name vs SAM account name
    https://serverfault.com/questions/928115/user-principal-name-vs-sam-account-name

    ----------

    (If the reply was helpful please don't forget to upvote and/or accept as answer, thank you)
    Regards
    Stoyan Chalakov

    0 comments No comments

  2. ComputerHabit 821 Reputation points
    2022-10-06T15:00:18.783+00:00

    Turns out that I was forgetting that other servers host different roles in the forest. Although I haven't tested, I had several servers I need to add to Firewall exceptions.

    0 comments No comments