How to Add UPN Suffixes in Active Directory

2 minutes to read

How to add UPN suffixes to a forest? Adding these suffixes gives you the ability to use a friendly user-logon name that does not match the domain’s or parent domains’ naming structure or you have more office sites and wants to make a custom login by a domain name. From my experience, the UPN is easier to remember.

Following the instructions  in order to add a UPN Suffix to Active Directory

  1.  Log in to Windows Server with a domain administrator account.
  2. Open Server Manager, select Active Directory Domains and Trusts from the Tools menu.
  3. In the Active Directory Domains and Trusts management console, right-click Active Directory Domains and Trusts in the left pane and select Properties from the menu.
  4. In the dialogue box on the UPN Suffixes tab, type the name of the suffix that you would like to add to your AD forest in the Alternate UPN suffixes box. Click Add and then OK.
  5. Close the Active Directory Domains and Trusts console.

As I said above you can use the UPN suffixes is for a simple highlighting in AD or easier to restructure users in your business.

The following tip is valuable if you add just suffix for your directory, in case if you have a lot of users to update, it is easier to use Windows PowerShell.

$LocalUsers = Get-ADUser -Filter {UserPrincipalName -like '*contoso.local'} -Properties userPrincipalName -ResultSetSize $null
$LocalUsers | foreach {$newUpn = $_.UserPrincipalName.Replace("contoso.local","contoso.com"); $_ | Set-ADUser -UserPrincipalName $newUpn}

 

Leave a Reply

Your email address will not be published.Required fields are marked *