In the LFDS under Settings then the Identity Provider tab there is a field called Unique Name Attribute. Currently the field is using sAMAccountName, can this be changed to use the UPN?
This attribute is currently only editable for LDAP Identity Providers.
If this is causing you problems, can you share the user login flow?
AD Identity Providers were not included when we released the ability to edit the Unique Name Attribute for LDAP Identity Providers, but we could investigate adding it into a future release. At the time of release last year, we only had use cases for LDAP, not regular AD Identity Providers, so knowing your use case would be helpful.
I have a customer that has a new domain that is set up with something like something.domain.com and an additional suffix of domain.com. They are able to log in with user@something.domain.com but not the additional one with user@domain.com. Because they are trying to keep things simple they want their users to use the user@domain.com option.