Add user principal name suffixes

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

Adding user principal name suffixes

To add user principal name suffixes

  1. Open Active Directory Domains and Trusts.

  2. In the console tree, right-click Active Directory Domains and Trusts, and then click Properties.

  3. On the UPN Suffixes tab, type an alternative user principal name (UPN) suffix for the forest, and then click Add.

  4. Repeat step 3 to add additional alternative UPN suffixes.


  • To perform this procedure, you must be a member of the Domain Admins group or the Enterprise Admins group in Active Directory, or you must have been delegated the appropriate authority. As a security best practice, consider using Run as to perform this procedure. For more information, see Default local groups, Default groups, and Using Run as.

  • To open Active Directory Domains and Trusts, click Start, click Control Panel, double-click Administrative Tools, and then double-click Active Directory Domains and Trusts.

  • UPN suffixes should conform to DNS conventions for valid characters and syntax.

  • UPN suffixes are stored in the uPNSuffixes property of the following LDAP leaf: LDAP://cn=partitions,cn=configuration,dc=<domain>,dc=<domainsuffix>.

Information about functional differences

  • Your server might function differently based on the version and edition of the operating system that is installed, your account permissions, and your menu settings. For more information, see Viewing Help on the Web.

See Also


Working with MMC console files
Active Directory naming
Unicode character support
Routing name suffixes across forests