If you create a user whose SAM (Security Accounts Manager) account name contains the @, or you use a UPN (User Principal Name) suffix that contains the @, you may experience strange behavior.
Active Directory behaves as if there is an @ between the SAM account name and the UPN suffix. If you add an unexpected @, some Active Directory administration tools, and/or authentication will experience problems.
While Microsoft supports the @ in the SAM, and authentication protocols support it, it is too similar to the UPN syntax to be reliably used. Some tools or interfaces will invariably fail.
If you create Jerry@Corporate as the SAM account name, Jerry must logon using Jerry@Corporate@<DomainName>.
0 comments
Hide comments