question

ScottSorenson-0468 avatar image
0 Votes"
ScottSorenson-0468 asked shashishailaj commented

old (renamed in AD) account credentials still exist on user causing issue with new user created on Azure AD sync

Original user TUSER@domain changed to new username TNewUser@domain
Azure AD Sync created smtp address of TUSER@domain.onmicrosoft.com initially (as well as X.500)
Username and Email address changed in AD, and new addresses show up correctly in Azure.
onmicrosoft.com and X.500 not updated (not in AD to update).

New user created at TUSER@domain and causing sync error / collision with old user account, forcing Azure to create TUSERXXXX@domain.onmicrosoft.com and throws a sync error.

We only use Azure AD connect/sync. We do not have 360 or hosted / hybrid email.

I have disabled AD sync using power shell. Deleted new user account (and deleted from recycle) waited then re-enabled sync and the same issue occurs.

How can I change those addresses on the old user account to reflect the new name so that the sync does not have an error.

Do I need to stop sync, delete both accounts, and then restart sync? Old user has app rights for b2b w this account, so i prefer not to create an issue by deleting it. Is there another solution?

TIA.

azure-ad-connect
· 1
5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

shashishailaj avatar image shashishailaj ·

@ScottSorenson-0468 ,
Apologies for the delayed response. As far as I understand you have renamed the UPN attribute of the user and and created a new user with the same old UPN which is causing the conflict . I would first suggest to check the AD sync error on the old account in the AD connect tool. It will show you the details of the attribute which is causing the conflict Then you can fix the attribute on the object on-premise or in the cloud. I am checking more on this but I think TUSER@domain is still there in either proxyaddresses value for the cloud object which can be causing this . I would suggest you to check this from exchange online admin center and once we clear the old entry the sync error should go away .

0 Votes 0 ·

0 Answers