Re: LsaLogonUser and alternate UPN suffix

From: Padmini <padmini438@xxxxxxxxx>
Date: Tue, 3 Jun 2008 11:10:45 -0700 (PDT)

On May 28, 9:24 pm, DaveMo <david.mow...@xxxxxxxxx> wrote:

On May 28, 8:02 am, Padmini <padmini...@xxxxxxxxx> wrote:

CanLsaLogonUserlogin an username with the alternateUPNsuffix? For
e.g. the DNS name is "testing.local" and the alternateUPNsuffix for
domain is "test", can a user be logged in the format username@test
withLsaLogonUser?

Or, is there a way to translate alternateUPNsuffix to fully
qualified domain name?

This is in reference to developing a custom GINA where i have to login
username with alternateUPN.

Thanks,
Padmini

Padmini,

You should certainly tryLsaLogonUserwith the alternate suffix, but I
know that DsCrackNames can look up a user with altUPNand return a
standard form.

HTH,
Dave

Thanks. I translated the alternate DNS name with DsCrackNames and
passed the translated DNS name to LsaLogonUser but the API still fails
to login the user.
.

Next by Date: RE: emote console, WlxQueryConsoleSwitchCredentials, and WlxGetConsole
Next by thread: RE: emote console, WlxQueryConsoleSwitchCredentials, and WlxGetConsole
Index(es):
- Date
- Thread

Relevant Pages

Allow workgroup server to send SMTP email through our domain
... You are not using fully qualified domain names in the data that you ... The DNS server converts everything ... So either omit the labels that the DNS server is itself ...
(microsoft.public.windows.server.dns)
Re: dns lookup
... Qualified Domain Name of the computer? ... DNS tab are set as per the following. ... The client is probably configured with either no suffix or a different suffix than the zone in DNS. ...
(microsoft.public.windows.server.dns)