DualShield supports the following user name formats:

sAMAccountName

The sAMAccountName attribute is a logon name used to support clients and servers from previous version of Windows, such as Windows NT 4.0, Windows 95, Windows 98, and LAN Manager.

User Principal Name

User Principal Name (UPN) is a logon name in the format of "UPN-Prefix@UPN-Suffix"

UPN PrefixIn the Active Directory, the UPN Prefix is called "User logon name" 
UPN Suffix

There are 2 types of UPN

Implicit UPN - the UPN Suffix is the "DNS Name" in AD

Explicit UPN - any string defined by the administrator 

Examples:

DualShield supports Explicit UPN only. It does not support Implicit UPN

Down-Level Logon Name

Down-Level Logon Name (DLN) is a logon name in the format of "DLN-Prefix\DLN-Suffix" or "DLN-Prefix/DLN-Suffix"

DLN Prefix

DualShield supports the following DLN Prefix

  • NetBIOS Name defined in AD
  • DNS Name in defined AD
  • Domain Name defined in DualShield

Examples

  • deepnetid\jbond
  • deepnetid.com\jbond
  • deepnetid4client1\jbond
DLN Suffix

DualShield supports the following DLN Prefix

  • sAMAccountName in the AD
  • UPN

Examples


References

https://learn.microsoft.com/en-us/windows/win32/secauthn/user-name-formats

https://learn.microsoft.com/en-us/windows/win32/ad/naming-properties


  • No labels