I can't use User Principal Name for Communicator when I am in a VPN session RRS feed

  • Question

  • Hi,


    me and my colleagues are facing a minor problem with Office Communicator during VPN sessions.


    Our OCS enviroment is "hosted" in one of our DMZs and has its own forest. So a different domain-name from our internal and the SIP-Domain. All users / devices intern and extern connect via Edge Server. Communicator credential saving is allowed via group policy.


    If someone is successfully connected using the UPN in its credentials like: jsmith@domain.com and switch into VPN (ISA server) Communiator will disconnect and all reconnection attempts fail. Changing the Logon to SAMaccount name like: dmzdomain\jsmith will connect Communicator immediately.


    Intern and extern we can use UPN, only in VPN it fails.


    What might cause this behavior? Has anyone an idea how to fix it? Thanks in advance.


    Best regards,


    Monday, November 24, 2008 1:29 PM

All replies

  • Sounds crazy.  Can you turn on the trace logs on the local machine and fail the logon process?  I wonder what the error is that is being returned.  It can't be the standard one since it works with the SAM.  Must be something else coming back.

    Thursday, December 4, 2008 4:03 AM
  • I would take a close look at how DNS and WINS resolutions works for your VPN-connected users as that can highlight the difference in UPN versus DOMAIN\Account login formats.


    Thursday, December 4, 2008 1:56 PM