2008R2 functionality

Hello - the default SPN is xyz.local

Can I make the default company.com?

PS I do have it currently added to Domains and Trusts so it works we'd just like to make it the default.

It seems that you are looking to renaming an AD domain (Not SPN). If this is the case then here you go: https://technet.microsoft.com/en-us/library/cc738208(v=ws.10).aspx

You need to be careful with your AD-Integrated applications as some might not support this practice or would require a manual intervention.

no, that is not correct. The user logon is an SPN, MS supports implicit and explicit, I simply want to have AD use one over the other as the default.

I think you mean UPN (User Principal Name) and you already defined a UPN suffix which you want it to be the default one.

See that about the same topic: http://serverfault.com/questions/45576/set-default-upn-suffix-for-creating-new-users-in-active-directory

You can define your default UPN when creating your users using scripts - I always use Powershell scripts when provisioning new users instead of ADUC. For ADUC, I am not aware of a way to change the default UPN.

Hi Jamicon,

Thanks for your post.

Please may I ask that what's the format when you log on?  An implicit
UPN usually formats with  UserName@DNSDomainName.com. And an explicit UPN is  of the form Name@Suffix. 

The basic syntax of service principal name is as follows: <service type> /< instance name> :< port number> /< service name>.       

In your scenario, you could add alternate UPN suffixes, but you cannot modify the default UPN suffix. When creating a new user in ADUC, you must either accept the default or select an alternate from the pulldown list. Of course, if you script user creation you can assign any value to the userPrincipalName attribute, including no value, or even an invalid value.

If you have any question related to the issue. Please feel free to contact us. :)

Best Regards,

Mary Dong