User-Principal-Name attribute
Applies to: desktop apps only
This attribute contains the UPN that is an Internet-style login name for a user based on the Internet standard RFC 822. The UPN is shorter than the distinguished name and easier to remember. By convention, this should map to the user email name. The value set for this attribute is equal to the length of the user's ID and the domain name. For more information about this attribute, see the Naming Properties topic in the Active Directory guide.
| CN | User-Principal-Name |
|---|---|
| Ldap-Display-Name | userPrincipalName |
| Size | - |
| Update Privilege | Domain administrator or account owner. |
| Update Frequency | In theory this should never change. |
| Attribute-Id | 1.2.840.113556.1.4.656 |
| System-Id-Guid | 28630ebb-41d5-11d1-a9c1-0000f80367c1 |
| Syntax | String(Unicode) |
Implementations
- Windows 2000 Server
- Windows Server 2003
- ADAM
- Windows Server 2003 R2
- Windows Server 2008
- Windows Server 2008 R2
- Windows Server 8 Beta
Windows 2000 Server
| Link-Id | - |
|---|---|
| MAPI-Id | - |
| System-Only | False |
| Is-Single-Valued | True |
| Is Indexed | True |
| In Global Catalog | True |
| NT-Security-Descriptor | O:BAG:BAD:S: |
| Range-Lower | - |
| Range-Upper | - |
| Search-Flags | 0x00000001 |
| System-Flags | 0x00000012 |
| Classes used in | User |
Windows Server 2003
| Link-Id | - |
|---|---|
| MAPI-Id | - |
| System-Only | False |
| Is-Single-Valued | True |
| Is Indexed | True |
| In Global Catalog | True |
| NT-Security-Descriptor | O:BAG:BAD:S: |
| Range-Lower | - |
| Range-Upper | - |
| Search-Flags | 0x00000001 |
| System-Flags | 0x00000012 |
| Classes used in | User |
ADAM
| Link-Id | - |
|---|---|
| MAPI-Id | - |
| System-Only | False |
| Is-Single-Valued | True |
| Is Indexed | True |
| In Global Catalog | True |
| NT-Security-Descriptor | O:BAG:BAD:S: |
| Range-Lower | - |
| Range-Upper | - |
| Search-Flags | 0x00000001 |
| System-Flags | 0x00000012 |
| Classes used in | - |
Windows Server 2003 R2
| Link-Id | - |
|---|---|
| MAPI-Id | - |
| System-Only | False |
| Is-Single-Valued | True |
| Is Indexed | True |
| In Global Catalog | True |
| NT-Security-Descriptor | O:BAG:BAD:S: |
| Range-Lower | - |
| Range-Upper | - |
| Search-Flags | 0x00000001 |
| System-Flags | 0x00000012 |
| Classes used in | User |
Windows Server 2008
| Link-Id | - |
|---|---|
| MAPI-Id | - |
| System-Only | False |
| Is-Single-Valued | True |
| Is Indexed | True |
| In Global Catalog | True |
| NT-Security-Descriptor | O:BAG:BAD:S: |
| Range-Lower | - |
| Range-Upper | - |
| Search-Flags | 0x00000001 |
| System-Flags | 0x00000012 |
| Classes used in | User |
Windows Server 2008 R2
| Link-Id | - |
|---|---|
| MAPI-Id | - |
| System-Only | False |
| Is-Single-Valued | True |
| Is Indexed | True |
| In Global Catalog | True |
| NT-Security-Descriptor | O:BAG:BAD:S: |
| Range-Lower | - |
| Range-Upper | - |
| Search-Flags | 0x00000001 |
| System-Flags | 0x00000012 |
| Classes used in | User |
Windows Server 8 Beta
| Link-Id | - |
|---|---|
| MAPI-Id | - |
| System-Only | False |
| Is-Single-Valued | True |
| Is Indexed | True |
| In Global Catalog | True |
| NT-Security-Descriptor | O:BAG:BAD:S: |
| Range-Lower | - |
| Range-Upper | - |
| Search-Flags | 0x00000001 |
| System-Flags | 0x00000012 |
| Classes used in | User |
Remarks
In ADAM, this attribute is not required to be in the Internet standard RFC 822 format; it can be a simple name.
Send comments about this topic to Microsoft
Build date: 2/3/2012
UPN format is described in RFC 822 (obsoleted by RFC 2822)
Snippet from section 6. Address Specification
addr-spec = local-part "@" domain ; global address
local-part = word *("." word) ; uninterpreted
; case-preserved
domain = sub-domain *("." sub-domain)
sub-domain = domain-ref / domain-literal
domain-ref = atom ; symbolic reference
example
admin@mydomain.org
- 10/29/2007
- Steve Butler MSFT
- 7/8/2010
- Thomas Lee
