As you know, with Windows 10 you can join your device to Azure Active Directory and then use your user principal name (UPN) – which usually is also your email address.
In the past (aka when the device was Active Directory domain joined), end-users were used to enter their username using the ‘short name’ (aka SAMAccountName) to open their Windows session.
The ‘switch’ from the SAMAccountName to the UPN format was/is not always easy.
Well, good news! You can now define the default (or preferred) Azure AD tenant domain to use when signing on a Windows 10 AAD Joined, making things easier as end-users will be able to continue to enter ‘just’ their short username.
Off course, they can still continue/change to use the UPN format.
To configure the preferred domain, logon to your Azure portal (https://portal.azure.com) or Device Management portal (https://devicemanagement.microsoft.com) and reach out the Intune\Device Configuration\Profiles blade
Then create or edit the Device restriction profile and configure the Password\Preferred Azure AD tenant domain field with the domain matching the domain part of the UPN
Once the policy is applied to your Intune Windows 10 devices, this domain will define as the one to use and your end-users just have to enter their ‘short’ username
NOTE this will also impact the domain used if you use Remote Desktop client to connect to remote devices; this has his importance if you need to logon using some local account (for example when logging on standalone/workgroup server)