Share via

New AD Trust when UPN suffix exists in one Domain of the new Domain that will be trusted

Dane Briggs 281 Reputation points
2024-02-19T16:49:58.57+00:00

We have 2 Forest with a single Domain under each Forest. We want to set up a 2 way Trust between Domain-A and Domain-B. Domain-A has a alternative UPN suffix for Domain-B and due to antiquated software is actively being used. We have users in Domain-A that log into Domain Domain-A using Domain-B UPN suffix. I want to set up a 2 way trust between Domain-A and Domain-B. However, I am concerned about potential issues with a Trust where the alternative UPN suffix matches the Domain we are going to trust. Will there be any issues setting up the Trust and if not will there be any issues with any users using the alternative UPN suffix?

Active Directory
Active Directory
A set of directory-based technologies included in Windows Server.
6,917 questions
0 comments
Accepted answer
  1. Thameur-BOURBITA 36,226 Reputation points
    2024-02-19T17:03:56.0566667+00:00

    Hi @Dane Briggs

    The UPN suffix should be assigned to one forest to avoid Name Suffix routing conflict . If you are using the same UPN suffix on two trusted forest , user cannot access on trusted forest using this suffix, because this suffix is assigned to his forest. You shoud define a unique suffix for each forest before establish the trust relationship. User's image

    Please don't forget to accept helpful answer

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.