Hi, I'm trying to setup alternate upn suffixes so that our users can login usinguser@domain.com instread of domain\user. We have one forest and one domain (DC Windows 2003 SP2).
I went ahead and added the alternate UPNs in Active Directory Domains & Trust, but they do not show up in the dropdown (account tab) in ADUC. I think it has something to do with our old Exchange 2003 policies but not sure. We are on Exchange 2010 now (decomissioned Ex 2003), but I still see the old policies via ADSIedit.
More info..... I noticed the behavior is dependent on which OU I create a user. For example we have two companys (company1 and company2) each with their own OU. If I create this user in OU "Company1" it restricts what I can choose as a suffix: domain.corp and old-domain.com (I want to be able to see new-domain.com - which I have added to alternate UPN suffix in AD domains and trusts). Company 2 behaves in a similar fashion. If I create the user in OU outside of these company OU's I can see all of the domains I created as alternate UPNs.
So seems like there are policies somewhere, just can't figure out where.
Help!
-Manny