@grb storing all sites’ URIs would not solve the problem. I’ll try to explain it again.
Let’s say the Active Directory account is first.last@dns-domain.com. Active Directory accepts different writing styles for the same account. All types that I know are:
- first.last
- AD-DOMAIN\first.last
- first.last@ad-domain.com
- first.last@dns-domain.com
As I said, it’s all the same account! And yes, the AD-Domain and DNS-Domain can be different, which is not unusual in Active Directory environments. But now comes the problem:
Every application that has implemented functionalities to authenticate against LDAP / Active Directory can force a specific writing style for the account. For example:
- URI1: https://www.example.com will only accept “first.last”
- URI2: https://adfs.example.com will only accept “AD-DOMAIN\first.last”
- URI3: https://service1.example.com will only accept “first.last@ad-domain.com”
- URI4: https://example-my.sharepoint.com will only accept “first.last@dns-domain.com”
I hope I was able to explain it clearly.
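
The mapping described in the post above, as an added example that is not part of the original post or of any password manager's code: one account record rendered in the notation each URI requires. `AdAccount`, `STYLE_BY_HOST`, `username_for` and the style names are hypothetical; the hosts and account values are the post's own placeholders.

```python
from dataclasses import dataclass
from typing import Optional
from urllib.parse import urlsplit

STYLES = ("bare", "downlevel", "ad_dns", "upn")  # hypothetical style names


@dataclass(frozen=True)
class AdAccount:
    sam: str         # logon name without any domain part
    netbios: str     # short AD domain name
    ad_dns: str      # DNS name of the AD domain
    upn_suffix: str  # e-mail style suffix; may differ from ad_dns

    def render(self, style: str) -> str:
        """Return this account written in one of the four notations."""
        return {
            "bare": self.sam,
            "downlevel": f"{self.netbios}\\{self.sam}",
            "ad_dns": f"{self.sam}@{self.ad_dns}",
            "upn": f"{self.sam}@{self.upn_suffix}",
        }[style]

    def matches(self, login: str) -> bool:
        """True if login is any notation of this account (case-insensitive)."""
        wanted = login.strip().casefold()
        return any(self.render(s).casefold() == wanted for s in STYLES)


# Constructed sample data, taken from the placeholders in the post.
ACCOUNT = AdAccount("first.last", "AD-DOMAIN", "ad-domain.com", "dns-domain.com")
STYLE_BY_HOST = {
    "www.example.com": "bare",
    "adfs.example.com": "downlevel",
    "service1.example.com": "ad_dns",
    "example-my.sharepoint.com": "upn",
}


def username_for(uri: str, account: AdAccount) -> Optional[str]:
    """Pick the notation by exact host match; unknown hosts get nothing."""
    host = (urlsplit(uri).hostname or "").lower()
    style = STYLE_BY_HOST.get(host)
    return account.render(style) if style else None


if __name__ == "__main__":
    for host in STYLE_BY_HOST:
        print(host, "->", username_for(f"https://{host}/", ACCOUNT))
```

The host lookup is an exact match on purpose, so a lookalike host that merely starts with a known name is offered no username at all.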