O365: UPN must be the same as email address

This post is also available in: Slovenian




When deploying a Microsoft cloud services Office 365, it’s necessary to consider a lot of things before deploying. One of the issues is the UPN – user name that is used for login to O365 services. Here are recommendations and reasons why the email address and UPN must be the same.

Reasons why the UPN address should be the same as the email address

1. UPN is used to log on to O365 services

The UPN is in format  user@domain. Users identify use of @ with their email address and they do not clearly now when and why they have to use user format @ (UPN) for O365 login

 

2. Skype for Business Online & Teams

For SFB and Microsoft Teams, the default SIP address is the same as UPN; Inside organization there will
be no problem finding the right person to contact, however, if we want the external partners to find us, they will have problems unless we tell them our UPN (in this case it is good to have the UPN address also as an nonprimary email address.

 

3.Office 365 and OneDrive

they want to periodically check the credentials for signing in to the appsand then throw a popup window where it says that you need to enter an email address, although you really need to enter the UPN

 

4.Mobile applications

especially with iOS, require the user to enter email adress twice, although the second time in fact they want the UPN address

 

5.Active Sync Clients use Autodiscover

When UPN is not the same as the email address, Autodiscover does not recognize the settings and so they must be entered manually in the @domain format once – for the user and once for the email address, which is again a misunderstanding for the ordinary user when to use something. If it’s the same, it’s enough to enter only once your email address and password. Given that in Outlook 2016 is no longer option to be able to manually enter the settings, but everything goes through Autodiscover, there would be a lot of problems if Exchange Online will be used in the future.

 

6.Exchange online

In the future, when switching to Exchange online, this will be even more important in order to facilitate the operation of Autodiscover.

 

The reason not to change UPN

Some applications can be used for login UPN, and not samAccountName (domain \ user).

 

Conclusion

Changing UPN to be the same as the mail address makes everything much more easy for users and also for IT Department. There is a powershell script that allows you to change the UPN to equal the main email address. SamAccountName can remains the same as before.

Saša

Works as system engineer in Slovenian Enterprise in Microsoft environment focusing on security, deployments, SharePoint, SCCM and CheckPoint firewall. Author of successful blog about IT security, Microsoft tips & tricks, social media, internet trends.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.