Using Multiple User Principal Name Suffixes
When configuring ADFS in your own local the default login of any user authenticating into the environment would be user@domain.local or something of that sort. At many times, especially when working with multiple applications, we would like the user to authenticate using different login credentials such as user@mynewdomain.com. In order to implement this, we can add suffixes that gives us the ability to user a friendly logon name that is not the same as the domain or parent's domain name.
When configuring ADFS in your own local the default login of any user authenticating into the environment would be user@domain.local or something of that sort. At many times, especially when working with multiple applications, we would like the user to authenticate using different login credentials such as user@mynewdomain.com. In order to implement this, we can add suffixes that gives us the ability to user a friendly logon name that is not the same as the domain or parent's domain name.
In order to add a domain suffix to a forest, we need to follow the instructions below:
- Log on to the domain controller, or a computer that has the different Active Directory Management Tools, and open Active Directory Domains and Trusts.
- When the application opens, right-click on the Active Directory Domain and Trusts in the Tree window pane, and select Properties from the pop-up menu.
- On the UPN Suffixes tab, type the new User Principal Name suffix that you would like to add to the existing forest.
- Click Add and click OK
After the domain suffixes have been added, new users that are added to the domain can select the UPN suffix to use.
*This post is locked for comments