User Principal Names (UPNs) in Active Directory

In Active Directory, the User Principal Name (UPN) attribute is a user identifier for logging in, separate from a Windows domain login. For more, see Microsoft's User Naming Attributes.

The format of the UPN attribute at IU is username@iu.edu. On April 2, 2019, the value was altered from username@ads.iu.edu to align the value used by Active Directory (see Your IU Active Directory Services (ADS) domain account and About Active Directory and the ADS domain) with other cloud services. If your application uses the UPN value, ensure your application conforms to the standard format.

Below are examples of what may be using UPN:

  • Third-party and in-house applications that bind to ADS.
  • Any application or service using the UPN username@iu.edu.
  • Not affected:
    • Machine names (such as bl-machine-*.ads.iu.edu)
    • How users log into Windows computers; this remains ads\username
    • The domain; this remains ads.iu.edu
    • LDAP bindings of the format cn=username,ou=Accounts,dc=ads,dc=iu,dc=edu

This is document atzp in the Knowledge Base.
Last modified on 2019-07-09 14:57:43.

Contact us

For help or to comment, email the UITS Support Center.