Non-matching UPN and Samaccount
Mahesh Aralelemath
Hi,
In our environment:
- The on-prem AD UPN is not in a structured, routable format.
- The email address is mapped to the UPN while syncing on-prem accounts to M365 using AADConnect.
- The tenant is configured as federated and uses ADFS for authentication.
Now, the email address being used as the UPN to log in to M365 and the broken UPN on-prem are causing issues in the SSO experience.
We are working to correct the UPN to match the email address so that both are the same.
Also, ADFS is planned to be migrated to PTA.
Now the question is:
- Can we have the Samaccount different (Ex: Name)
- Email address and UPN the same (Ex: firstname.lastname@domainname)
Will this be an accepted scenario from an SSO point of view and for all authentication?
Are there any issues in such a scenario?
Microsoft Security | Microsoft Entra | Microsoft Entra ID