[Samba] Local vs public domain dns

Jonathon Reinhart jonathon.reinhart at gmail.com
Fri Mar 12 04:05:57 UTC 2021


Hi Phil,

An account in AD can be identified by exactly one User Principal Name
(UPN), which takes the same form as an email address: user@domain.com.
The part after the @ sign is called the "UPN Suffix". The default UPN
suffix is the same as the provisioned domain name. If you've followed
Microsoft's advice, this is different from (or a subdomain of) your
main DNS domain, e.g. "ad.contoso.com". However, your users' UPNs will
not match their email addresses.

You can add additional UPN suffixes to your AD via the "Active
Directory Domains and Trusts" management console. Then when users are
created, you can select a different UPN suffix for their UPN --
presumably one that matches their email address.

Unfortunately, there is no way to set a "default" UPN suffix for new
accounts, nor is there a built-in way to ensure they are consistent.
However, my tool ADMan [1] can ensure UPN suffix consistency (across
the domain or within an OU).

Hope this helps,
Jonathon

[1]: https://gitlab.com/JonathonReinhart/adman


On Thu, Mar 11, 2021 at 10:15 PM Philippe LeCavalier via samba
<samba at lists.samba.org> wrote:
>
> Hi,
> I recall reading some time ago about the ability to add an alternate domain
> name somewhere in the Samba (or Samba's internal DNS backend) config so
> that when users open programs like Outlook for the first time or are
> prompted for sign-in they could choose their actual public email domain
> rather than the local non-public one. I can't quite come up with the right
> terms to google it. Can someone point me in the right direction, or am I not
> remembering that correctly?
> Thanks, Phil
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
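
As an added example (not part of the original thread, and not ADMan's code), here is a minimal audit of the UPN suffix consistency described in the reply, run over a constructed LDIF export. The policy mapping, DNs and accounts are assumptions; wrapped LDIF lines and DNs with escaped commas are not handled.

```python
# Added example; every DN, account and suffix here is constructed sample data.
SAMPLE_LDIF = """\
dn: CN=Alice Smith,OU=Staff,DC=ad,DC=contoso,DC=com
userPrincipalName: asmith@contoso.com

dn: CN=Bob Jones,OU=Staff,DC=ad,DC=contoso,DC=com
userPrincipalName: bjones@ad.contoso.com

dn: CN=Backup Svc,OU=Service,DC=ad,DC=contoso,DC=com
userPrincipalName: svc-backup@AD.CONTOSO.COM

dn: CN=Carol White,OU=Staff,DC=ad,DC=contoso,DC=com
"""
# Assumed policy: expected suffix per subtree; the longest base DN wins.
POLICY = {
    "DC=ad,DC=contoso,DC=com": "ad.contoso.com",
    "OU=Staff,DC=ad,DC=contoso,DC=com": "contoso.com",
}

def parse_ldif(text):
    """Parse unwrapped 'attr: value' LDIF into dicts keyed by lowercased attr."""
    entries = []
    for block in text.strip().split("\n\n"):
        pairs = (line.partition(": ") for line in block.splitlines())
        entry = {attr.lower(): val.strip() for attr, sep, val in pairs if sep}
        if "dn" in entry:
            entries.append(entry)
    return entries

def expected_suffix(dn, policy):
    """Suffix of the longest policy base DN that contains dn, else None."""
    dn_l = dn.lower()
    hits = [b for b in policy if ("," + dn_l).endswith("," + b.lower())]
    return policy[max(hits, key=len)] if hits else None

def audit(entries, policy):
    """Return (dn, actual suffix or None, expected suffix) for each mismatch."""
    findings = []
    for e in entries:
        want = expected_suffix(e["dn"], policy)  # None: outside audited subtrees
        _, sep, tail = e.get("userprincipalname", "").rpartition("@")
        have = tail if sep else None  # missing or malformed UPN
        if want and (have or "").lower() != want.lower():
            findings.append((e["dn"], have, want))
    return findings

if __name__ == "__main__":
    for dn, have, want in audit(parse_ldif(SAMPLE_LDIF), POLICY):
        print(f"{dn}: UPN suffix {have!r}, expected {want!r}")
```

Suffix comparison is case-insensitive, so the service account passes, while an account with no UPN at all is reported alongside the one using the default suffix.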


