Browse Definitions :
Definition

User Principal Name (UPN)

What is a User Principal Name (UPN)?

In Microsoft Active Directory, a User Principal Name (UPN) is a username and domain in an email address format. In a UPN, the username is followed by a separator "at sign" (@) followed by the active directory's internet domain.

An example UPN is [email protected]. In this example "tomw" is the username and "corp.techtarget.com" is the domain's fully qualified domain name (FQDN) and registered web address as a suffix. The domain's NetBIOS name is "corp." The UPN is used instead of down-level logon name corp\tomw.

All Active Directory user accounts must have a UPN. An implicit UPN is generated by the system at account creation if a UPN is not explicitly created by an administrator. Each UPN must be unique in the domain.

What are the services in Active Directory?
The User Principal Name in Microsoft Active Directory is an email addresses formatted username and domain.

UPNs are useful because they are more standards complaint than using the down-level logon name with a backslash. They are based on internet standard RFC 822. This allows them to be used for authentication with web services and non-Windows operating systems. The UPN can be used for federated, SAML and OAuth scenarios.

Is a UPN the same as an email address?

A UPN is not the same as the user's email address. In many cases they are the same value for ease of use, but UPN and email have different internal uses and are defined in different active directory attributes. The UPN can be adjusted by an administrator to a different value. The user's email address can also be changed to another value. The UPN and email address may be different if the domain's FQDN isn't internet routable and a different web domain is needed for the email to function.

Having a user's UPN and primary email SMTP address be different values can cause issues. For example, an ActiveSync email client can use the email address to autodiscover the correct server and then use the email as the login name. If the UPN and email are different however, the user may need to manually enter the server address and then enter the similar looking but different username.

UPN and Azure Active Directory

Microsoft Windows Azure Active Directory is a cloud-based implementation of Active Directory. It uses UPN as the username or primary account identity. While a user may only need to enter their username in on-premises authentication, for Azure AD the user will almost always need to enter their full UPN.

By default, on Azure AD the UPN is set to [email protected] to ensure a globally unique value. If an internet domain name has been verified by Azure AD, that domain can be used as the UPN suffix. An administrator can change a user's UPN with remote PowerShell commands.

An administrator can set an Alternate Logon ID instead of the UPN. This can be used in scenarios where the email address and UPN are different due to policy or application dependency. The user could then login with their familiar email address instead of with their UPN.

How to change a UPN in Active Directory

In Active Directory Users and Computers tool, available in Remote Server Administration tools (RSAT), open the user account properties. On the Account tab, change the User logon name prefix or suffix.

In PowerShell, use the following:

Import-Module ActiveDirectory
Set-ADUser username -UserPrincipalName [email protected]

How to Change a UPN in Azure Active Directory

Use the following in PowerShell:

Import-Module MSOnline
Set-MSOUserPrincipalName -UserPrincipalName oldupn -NewUserPrincipalName newupn

See how to set up automated log collection with PowerShell, why you should consider Azure AD group-based licensing for Office 365 users and how to get started with Azure AD entitlement management.

This was last updated in December 2022

Continue Reading About User Principal Name (UPN)

Networking
  • firewall as a service (FWaaS)

    Firewall as a service (FWaaS), also known as a cloud firewall, is a service that provides cloud-based network traffic analysis ...

  • private 5G

    Private 5G is a wireless network technology that delivers 5G cellular connectivity for private network use cases.

  • NFVi (network functions virtualization infrastructure)

    NFVi (network functions virtualization infrastructure) encompasses all of the networking hardware and software needed to support ...

Security
  • virus (computer virus)

    A computer virus is a type of malware that attaches itself to a program or file. A virus can replicate and spread across an ...

  • Certified Information Security Manager (CISM)

    Certified Information Security Manager (CISM) is an advanced certification that indicates that an individual possesses the ...

  • cryptography

    Cryptography is a method of protecting information and communications using codes, so that only those for whom the information is...

CIO
  • B2B (business to business)

    B2B (business-to-business) is a type of commerce involving the exchange of products, services or information between businesses, ...

  • return on investment (ROI)

    Return on investment (ROI) is a crucial financial metric investors and businesses use to evaluate an investment's efficiency or ...

  • big data as a service (BDaaS)

    Big data as a service (BDaS) is the delivery of data platforms and tools by a cloud provider to help organizations process, ...

HRSoftware
  • talent acquisition

    Talent acquisition is the strategic process an organization uses to identify, recruit and hire the people it needs to achieve its...

  • human capital management (HCM)

    Human capital management (HCM) is a comprehensive set of practices and tools used for recruiting, managing and developing ...

  • Betterworks

    Betterworks is performance management software that helps workforces and organizations to improve manager effectiveness and ...

Customer Experience
  • martech (marketing technology)

    Martech (marketing technology) refers to the integration of software tools, platforms, and applications designed to streamline ...

  • transactional marketing

    Transactional marketing is a business strategy that focuses on single, point-of-sale transactions.

  • customer profiling

    Customer profiling is the detailed and systematic process of constructing a clear portrait of a company's ideal customer by ...

Close