
Issue with Authentication in ADFS 2.0


Hi Guys, 

I have installed and configured ADFS 2.0 on a Windows Server 2008 R2 Datacenter edition machine, and my AD DS is installed on a Windows Server 2012 R2 server. While I am using ADFS as an IdP and putting the email attribute in AD for users, they do not get authenticated, whereas when I remove the email attribute from the users in AD, it works fine.

I am using a self-signed certificate in this setup.

This is the error in event logs of ADFS.

Encountered error during federation passive request. 

Additional Data 

Exception details: 
Microsoft.IdentityServer.Web.RequestFailedException: MSIS7012: An error occurred while processing the request. Contact your administrator for details. ---> System.ServiceModel.FaultException: MSIS3127: The specified request failed.
   at Microsoft.IdentityServer.Protocols.WSTrust.WSTrustClientManager.Issue(Message request, WCFResponseData responseData)
   at Microsoft.IdentityServer.Protocols.WSTrust.WSTrustClient.Issue(RequestSecurityToken rst, WCFResponseData responseData)
   at Microsoft.IdentityServer.Web.FederationPassiveAuthentication.SubmitRequest(MSISRequestSecurityToken request)
   --- End of inner exception stack trace ---
   at Microsoft.IdentityServer.Web.FederationPassiveAuthentication.SubmitRequest(MSISRequestSecurityToken request)
   at Microsoft.IdentityServer.Web.FederationPassiveAuthentication.RequestBearerToken(MSISSignInRequestMessage signInRequest, SecurityTokenElement onBehalfOf, SecurityToken primaryAuthToken, String desiredTokenType, UInt32 lifetime, Uri& replyTo)
   at Microsoft.IdentityServer.Web.FederationPassiveAuthentication.BuildSingleSignOnToken(SecurityToken securityToken, String issuer, FederationPassiveContext federationPassiveContext, String& signature)
   at Microsoft.IdentityServer.Web.FederationPassiveAuthentication.SignIn(SecurityToken securityToken)

System.ServiceModel.FaultException: MSIS3127: The specified request failed.
   at Microsoft.IdentityServer.Protocols.WSTrust.WSTrustClientManager.Issue(Message request, WCFResponseData responseData)
   at Microsoft.IdentityServer.Protocols.WSTrust.WSTrustClient.Issue(RequestSecurityToken rst, WCFResponseData responseData)
   at Microsoft.IdentityServer.Web.FederationPassiveAuthentication.SubmitRequest(MSISRequestSecurityToken request)

Please help me resolve this, as I need to have email for all user accounts.

Also, both UPN and email are getting the same description in claims, as nameidentifier.

i.e. the schema generated from AD is the same for email and UPN; should it be different?
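The post says that both UPN and email are showing up under the nameidentifier claim type. The following PowerShell is an added example, not code from the original post or from Microsoft: it shows how to check the AD attributes on the failing account, dump the claim rules currently configured on the ADFS 2.0 claims provider and relying party trusts, and what rules look like that issue UPN and email as their own claim types with exactly one NameID transform. The relying-party name "Contoso App" and the user "jdoe" are placeholders you would replace with your own; `Get-ADUser` needs the ActiveDirectory module, which may have to be run from a domain controller or a machine with RSAT.

```powershell
# Added example (not from the original post): inspect how AD attributes are
# mapped to claims in ADFS 2.0 and configure distinct UPN / email claim types.
# "Contoso App" is a placeholder relying-party name, "jdoe" a placeholder user.

# ADFS 2.0 exposes its cmdlets through a PowerShell snap-in, not a module.
Add-PSSnapin Microsoft.Adfs.PowerShell -ErrorAction SilentlyContinue

# 1. Confirm the account that fails actually has both attributes populated.
Get-ADUser -Identity 'jdoe' -Properties mail, UserPrincipalName |
    Select-Object SamAccountName, UserPrincipalName, mail

# 2. Dump the rules currently in force. Look for more than one rule that ends
#    in ".../claims/nameidentifier": the AD acceptance rules feed the
#    relying-party issuance rules, so check both.
(Get-ADFSClaimsProviderTrust -Name 'Active Directory').AcceptanceTransformRules
(Get-ADFSRelyingPartyTrust -Name 'Contoso App').IssuanceTransformRules

# 3. Rules in claim rule language that keep UPN and email as separate claim
#    types and derive a single NameID from the email claim.
$rules = @'
@RuleName = "Send UPN and email as their own claim types"
c:[Type == "http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname", Issuer == "AD AUTHORITY"]
 => issue(store = "Active Directory", types = ("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn", "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"), query = ";userPrincipalName,mail;{0}", param = c.Value);

@RuleName = "Email becomes the one NameID"
c:[Type == "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"]
 => issue(Type = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier", Issuer = c.Issuer, OriginalIssuer = c.OriginalIssuer, Value = c.Value, ValueType = c.ValueType, Properties["http://schemas.xmlsoap.org/ws/2005/05/identity/claimproperties/format"] = "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress");
'@

# Replace the relying party's issuance rules with the two rules above.
Set-ADFSRelyingPartyTrust -TargetName 'Contoso App' -IssuanceTransformRules $rules
```

Step 2 is the diagnostic part: if the existing rules map both userPrincipalName and mail onto nameidentifier, a user with a mail attribute will get two NameID claims while a user without one gets a single UPN-based NameID, which matches the pattern of failing only when email is populated. Step 3 replaces the issuance rules wholesale, so take a copy of the output of step 2 before running it.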

