LCS and UPNs

I was messing around with LCS last night here in my lab.  I had installed LCS a couple times and helped customers get up and running, but I am not an LCS expert.  I was trying to duplicate a customer issue where I wanted to limit how certain users could talk to and add to their various chat clients.  Instead, I ran into an issue where I couldn't get any clients to sign in.

After messing around with SRV records, "LCS enabling" users in AD, and making sure the service was starting, I still couldn't log in with ANY users.  I then started looking at what the SIP URI was defaulting to.  I discovered that it was defaulting to one of the valid UPN names that I have in my domain.  But, this wasn't the UPN for the domain the users were in.

Example:

Domain name extended for LCS:  contoso.com

SIP URI:  myuser@vanitydomain.com

Since the SIP URI doesn't match the domain extended for LCS, the user can't log in.  After adjusting the LCS user properties for my users to reflect the "real" domain name (myuser@contoso.com) everything worked fine.

I am not sure why any valid UPN wouldn't work since the users are still part of the domain, but I assume it is just how LCS validates users to allow them to use the server.
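To find every affected account at once instead of checking user properties one by one, here is an added example (not part of the original post) that scans an LDIF export of the directory, such as one produced with ldifde, and lists LCS-enabled users whose SIP URI domain is not a supported SIP domain. It assumes the behaviour observed above (the SIP URI domain must match), reads the LCS schema attributes msRTCSIP-UserEnabled and msRTCSIP-PrimaryUserAddress, and uses constructed sample entries.

```python
import base64

def parse_ldif(text):
    """Return one {attribute: value} dict per LDIF entry (last value wins)."""
    entries, current, logical = [], {}, []
    for raw in text.splitlines():  # unfold: a leading space continues a line
        if raw.startswith(" ") and logical:
            logical[-1] += raw[1:]
        else:
            logical.append(raw)
    for line in logical + [""]:  # the trailing "" flushes the last entry
        if not line.strip():
            if current:
                entries.append(current)
            current = {}
        elif ":" in line and not line.startswith("#"):
            name, _, value = line.partition(":")
            if value.startswith(":"):  # "attr:: <base64>" form
                value = base64.b64decode(value[1:].strip()).decode("utf-8")
            current[name.lower()] = value.strip()
    return entries

def sip_domain_mismatches(ldif_text, sip_domains):
    """List (dn, sip_uri) for enabled users outside the supported domains."""
    allowed = {d.lower() for d in sip_domains}
    findings = []
    for e in parse_ldif(ldif_text):
        if e.get("msrtcsip-userenabled", "").upper() != "TRUE":
            continue
        uri = e.get("msrtcsip-primaryuseraddress", "")
        address = uri[4:] if uri.lower().startswith("sip:") else uri
        domain = address.rpartition("@")[2].lower()  # domains are case-insensitive
        if domain not in allowed:
            findings.append((e.get("dn", "?"), uri))
    return findings

_B64 = base64.b64encode(b"sip:folded@vanitydomain.com").decode()  # constructed
SAMPLE_LDIF = (  # constructed sample export, not real directory data
    "dn: CN=My User,CN=Users,DC=contoso,DC=com\n"
    "msRTCSIP-UserEnabled: TRUE\n"
    "msRTCSIP-PrimaryUserAddress: sip:myuser@vanitydomain.com\n\n"
    "dn: CN=Other User,CN=Users,DC=contoso,DC=com\n"
    "msRTCSIP-UserEnabled: TRUE\n"
    "msRTCSIP-PrimaryUserAddress: sip:other@Contoso.com\n\n"
    "dn: CN=Folded User,CN=Users,DC=contoso,DC=com\n"
    "msRTCSIP-UserEnabled: TRUE\n"
    f"msRTCSIP-PrimaryUserAddress:: {_B64[:16]}\n {_B64[16:]}\n"
)
if __name__ == "__main__":
    print(sip_domain_mismatches(SAMPLE_LDIF, ["contoso.com"]))
```

Enabled accounts with no SIP URI at all are also reported, since an empty domain never matches the supported list.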