What is UPN?


What is UPN?


User Principal Name (UPN), in the Windows operating system's Active Directory, is the name of a system user in an e-mail address format. The UPN consists of the user's name (username), separator (the @ symbol) and the domain name (UPN suffix). An example would be john.doe@domain.com

Please keep in mind that UPN is not the same thing as e-mail address. You may find reasons to have UPN matching user's e-mail address and reasons to keep those different. 

The UPN can be checked and set directly in your Domain Controller Active Directory Users and Computers:

Fig. 1. UPN in Active Directory.

UPN address can also be set using PowerShell ps cmdlets:

import-module activedirectory
Get-ADUser -Filter * -SearchBase 'ou=<your ou>,dc=<your domain>,dc=<your top level domain>' -Properties userPrincipalName | foreach { Set-ADUser $_ -UserPrincipalName ("{0}@{1}" -f $_.name,"<your UPN suffix>")}

The UPN address is also present in Office 365, it is already assigned by default for any new users. The UPN suffix can be checked in the Office 365 admin center under Domains tab.

However, here on Office 365, you might stumble upon a problem where users' UPN suffixes are still domain.onmicrosoft.com instead of domain.com. You may find more information on that topic on Microsoft official KB article. In essence, you can edit the UPN addresses for Office 365 users by using Azure Active Directory Module for Windows PowerShell:

  1. Import Azure Active Directory Module for your PowerShell:
    import-module MSOnline
  2. Connect to Office 365 by running this cmdlet:
    $msolcred = get-credential
    connect-msolservice -credential $msolcred
  3. Change the UPN for a specific user:
    Set-MsolUserPrincipalName -UserPrincipalName <current UPN> -NewUserPrincipalName <new UPN>

See also: