Using upn or domain\user to logon

Question

Hi,

I'm in the middle of phasing out our Microsoft TMG server and publishing Exchange 2013 with UTM. I've got reverse authentication with Active Sync working using the e-mail address (UPN) as the user name. The problem is that all our users have configured their devices using domain\username style logon instead of the UPN. To prevent having all users to change their logon in their account, is it possible to configure reverse authentication in such a way that it accepts both types of logon? I haven't been able to get this working yet. It's one or the other, but not both.

Any ideas?

Franc.

This thread was automatically locked due to age.

MartinBozko · Answer

I am migrating from TMG to UTM too.  I am testing to publish our Exchange. For me, it is working with DOMAIN
ame and name@domain.com . I have to use Reverse Authentication Profile "RevAuth_Form_Basic_RAD_AD_LDAP" in Site Path Routing rule.  "RevAuth_Form_Basic_RAD_AD_LDAP" has: mode - form form template - my own simmilar as TMG groups: this is important 1. group - backend - RADIUS - this one authenticate accounts in syntax DOMAIN
ame 2. group - backend - LDAP - chceck attribute "memberOf" for AD group (CN=group name,OU=Groups,OU=HQ,DC=company,DC=com) - this one authenticate accounts in syntax name@domain.com (but it can not use nested groups, it works only with groups with users inside) 3. group - backend - AD - limit to backend group membership - this one authenticate accounts in syntax name  I have all these auth. methods configured in: Definitions - Auth Services - Servers in this order: AD LDAP (user attribute >, custom: userPrincipalname, base DN: DC=company,DC=com) RADIUS