>> Windows uses the long name if you logon with a UPN, otherwise it uses >> the short name selected in the drop down list box. > >Mmm, I thought the last big network I was on had multiple NT domains >under one realm. Perhaps not.
Well, giving the impression that this is the case is one of the reasons UPNs exist -- for example, you could set all users' UPN suffix to that of the forest root (or some other arbitrary domain) and they can logon as [EMAIL PROTECTED], [EMAIL PROTECTED] (!) even though mba2000's real domain might be win.ioplex.com and mine xad.ioplex.com. :-) >> The name to SID mapping protocol allows a variety of name types to be >> specified, including UPNs. > >Meaning you can use UPNs with something like >LsarLookupNames? Interesting. Didn't know that. Yes. -- Luke -- ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
