Changing the login name for employee accounts

UPN in KIT-AD and Microsoft Entra ID


Users currently log in to the desktop or mailbox with kit\<ab1234> or <firstname.surname> Now the variant <firstname.surname> will be changed to <ab1234>

After the changeover, there are only these three login options:
<ab1234> - KIT\<ab1234> - <ab1234> .

Why is this change necessary?

  • Login names should be independent of name changes
  • Login names should be standardized across all systems

What does the user have to consider when using the services within the KIT?

  • Login to the KIT-AD only with kit\<ab1234> or <ab1234> This applies to logging in to Windows, KIT mailbox, SharePoint (KIT team pages), SCC file server, etc.
  • Anyone who has previously logged in with <firstname.lastname> and
    • whose computer is on the KIT intranet must log in with <ab1234> after the changeover;
    • whose computer is located in the home office must log in once after the changeover with <firstname.surname>, establish a VPN connection to KIT, lock the screen and then unlock it again with <ab1234> or kit\<ab1234>.
  • Please note the following when using e-mail:
    • OWA ( The login only works with kit\<ab1234> or <ab1234>
    • Mail programs (Outlook, IMAP, CALDAV, etc.): Login now only works with kit\<ab1234> or <ab1234> A reconfiguration may be necessary, depending on what was previously used as the user name.
    • Smartphone (ExchangeActiveSync): The login and automatic configuration now only works with kit\<ab1234> or <ab1234> A reconfiguration will probably be necessary, depending on what was previously used as the user name. If the username cannot be edited and corrected, the account must be removed and re-added. Further information may also need to be taken into account for Android smartphones:

Tip: Whenever a password is required, it is the login name...

What does the user need to consider when using the services in the Microsoft cloud?

The Teams account has now been provided with a link to the mailbox. The mailbox itself is still stored locally on KIT's own mail servers.

The following new functionalities are now available:

  • Calendar:
    • View appointments,
    • Status display is also shown depending on free/booked time,
    • Create Teams meetings from within Teams
    • Note: It can take up to 7 days for the calendar to be displayed in MS Teams.
  • Collaboration with external partners: An invitation from external companies in their Teams environment can be sent to any of your own e-mail addresses.

Notes for employees who created their own Teams account before 16.03.2020

  • Teams on the smartphone: Log out of the app, log in again with <ab1234> an. If this is not sufficient, the app must be deleted and reinstalled.
  • Existing guest accounts with external partners: these will continue to work.
  • OneDrive: You have to log in to OneDrive again. The easiest way seems to be to reboot the computer once and then test access to OneDrive. Saved links may need to be updated .
  • OneNote: OneNote notebooks saved in OneDrive must be closed and reopened.

What will change from a technical perspective?

  • For user accounts managed by IDM, the LDAP attribute userPrincipalName will be changed from <firstname.surname> to <sAMAccountName> in KIT-AD.