AD UPN & SAM authentication issue

Ben W Young ben.w.young at
Thu Oct 4 20:43:03 EDT 2007


Has anyone come across an issue where you cannot authenticate using the (or kinit) with an AD account with a different name for the UPN
and SAM? The SAM will authenticate but not the UPN? If the UPN and the SAM
are the same it authenticates.  Hope I explained my self ok...?

Trying to authenticate as "bob.jackson"
UPN:    bob.jackson at test
SAM:    bjackson
....Doesn't work

Trying to authenticate as "bjackson"
UPN: bob.jackson at test
SAM: bjackson!

If I change the SAM account to the UPN bob.jackson it works?

Any ideas..i am completely stumped and wasted to much time trying to figure
it out.

Also, why cant I authenticate with the true UPN name: bob.jacskson at test?

Is it something I have to change in the file? See below
    default_realm = TEST.DOMAIN.WIN
    dns_fallback = no

        kdc =
        admin_server =

Thanks for any tips,

Ben W Young

Technology Services Administrator
DET NSW - Northern Sydney Region

This message is intended for the addressee named and may contain
privileged information or confidential information or both. If you
are not the intended recipient please delete it and notify the sender.

More information about the Kerberos mailing list