Hi All,
I have a tenant enable ADFS with multiple domain support. e.g.,
Suppore on-premise AD, setup as domain xyz.com, such that user have login like:
XYZ\user1 or UPN: user1@xyz.com, then, an alternate upn suffix is added, e.g. abc.com, so, a single forest may contain following AD user:
- XYZ\user1, UPN: user1@xyz.com
- XYZ\user2, UPN: user2@abc.com
Setup ADFS with multipledomain support, I found that, IMAP of office365 accept login:
- user1@xyz.com, user2@abc.com and user2@xyz.com, but,
- user1@abc.com cannot login
That's mean the upn suffix is interchangeable for user in abc.com.
I would like to confirm is it a normal behaviour? or how could system reject incorrect user upn login?
Chris