Renaming on-prem user that was renamed when syncing to Azure AD

S T 101 Reputation points
2020-06-03T16:17:47.897+00:00

We had a domain.onmicrosoft.com with a couple of users but one had name@keyman .com as their user.

We then synced our on-prem server with Azure AD, so we had a local user which matched this by email. What it did was rename the on-prem user to user1234@keyman .com only on the Azure side. We deleted the domain.onmicrosoft.com account so we could assign the original username/email to this account but it will not let us change it back.

There is no writeback to on-prem so locally it's all okay.

If we go to edit online - the "User Principal Name" box is greyed out.


1 answer

  1. AmanpreetSingh-MSFT 56,311 Reputation points
    2020-06-04T09:22:32.33+00:00

    Hi @S T ,

    You cannot change UPN of synced users on Azure as the source of authority is Windows Server AD. To change UPN you have 2 options:

    1. Move the user to a non-sync OU, let it delete from Azure AD and move it back to sync OU.
    2. Use Set-MsolDirSyncEnabled -EnableDirsync $False cmdlet and then change the UPN. I would not recommend this in your case as you just want to change UPN of only one user and if you disable and re-enable Dirsync, it may take up to 72 hrs. So, choose to go with first option.

    1 person found this answer helpful.
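
The first option from the answer above, written out as a PowerShell sketch. This is an added example, not part of the original answer or Microsoft's own script. It assumes it is run on the Azure AD Connect server with the ActiveDirectory (RSAT), ADSync and MSOnline modules installed; the account name, UPN and OU values are placeholders, and `Wait-CloudUserState` is a hypothetical helper defined in the block.

```powershell
# Added example. All values in this first section are placeholders.
Import-Module ActiveDirectory, ADSync, MSOnline

$SamAccountName = 'jdoe'                          # placeholder: on-prem account
$CloudUpn       = 'user1234@example.com'          # placeholder: UPN Azure AD currently shows
$NonSyncOu      = 'OU=NoSync,DC=example,DC=com'   # placeholder: OU excluded from sync scope

Connect-MsolService   # interactive sign-in with an account allowed to read users

# Hypothetical helper: poll Azure AD until the UPN is present or absent.
function Wait-CloudUserState {
    param([string]$Upn, [bool]$ShouldExist, [int]$TimeoutMinutes = 30)
    $deadline = (Get-Date).AddMinutes($TimeoutMinutes)
    do {
        $found = [bool](Get-MsolUser -UserPrincipalName $Upn -ErrorAction SilentlyContinue)
        if ($found -eq $ShouldExist) { return }
        Start-Sleep -Seconds 30
    } while ((Get-Date) -lt $deadline)
    throw "Timed out waiting for '$Upn' (expected present = $ShouldExist)."
}

# Record where the user lives now so it can be moved back afterwards.
$user       = Get-ADUser -Identity $SamAccountName -Properties UserPrincipalName
$originalOu = $user.DistinguishedName -replace '^.+?(?<!\\),', ''   # strip the leading CN=...
Write-Host "On-prem UPN: $($user.UserPrincipalName)"
Write-Host "Original OU: $originalOu"

# Refuse to continue if the on-prem UPN is not the one you want to end up with.
if ($user.UserPrincipalName -eq $CloudUpn) {
    throw 'On-prem UPN already equals the cloud UPN; fix the on-prem value first.'
}

# Step 1: move out of sync scope and let the cloud object be deleted.
Move-ADObject -Identity $user.ObjectGUID -TargetPath $NonSyncOu
Start-ADSyncSyncCycle -PolicyType Delta
Wait-CloudUserState -Upn $CloudUpn -ShouldExist $false

# Step 2: move back into the synced OU (by GUID, since the DN changed) and sync again.
Move-ADObject -Identity $user.ObjectGUID -TargetPath $originalOu
Start-ADSyncSyncCycle -PolicyType Delta

# Step 3: confirm what Azure AD now shows for the on-prem UPN.
Wait-CloudUserState -Upn $user.UserPrincipalName -ShouldExist $true
Get-MsolUser -UserPrincipalName $user.UserPrincipalName |
    Select-Object DisplayName, UserPrincipalName, ImmutableId, LastDirSyncTime
```

If the final wait times out, check the synchronization run history on the Azure AD Connect server before retrying.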