question

0 Votes
Hunter-9258 asked · MarileeTurscak-MSFT answered

User account was deleted then recreated in on-prem; old Azure account is not associated with new on-prem account.

I had a typo in a user's account creation, so I had to make a new one for them. I wanted to see if editing the info (correcting the name typo) in the user's on-prem properties would affect the Azure object. Since Azure uses Object IDs to reference accounts, but on-prem uses something else (account names? CN?), I wasn't sure the Azure AD object would still be associated with the on-prem object. After I changed the name in the on-prem object, Azure also updated, but since the mailbox for the user wasn't being found, I decided to delete the on-prem object, which in turn moved the Azure object to the deleted users tab. I was hoping that by making a new user and re-enabling the account in Azure I would be able to just re-associate the objects, but after a couple of tests that didn't work.

Essentially, I'm wondering if there's a way to force Azure to connect to this new account in on-prem AD. If not, I believe my only option is to delete the account in on-prem and Azure and start from scratch.

Also, I realize this is a long explanation and I am probably referring to things by the incorrect name. I'm newer to Azure/O365, so please bear with me!

Tags: azure-active-directory, windows-active-directory, azure-ad-microsoft-account

1 Answer

0 Votes
MarileeTurscak-MSFT answered

Hi @Hunter-9258,

Thanks for your post!

Are you attempting to match or merge the individual user account in on-premises and Azure AD based on the UPN? If this is the case, you can use soft matching to match user accounts when their UPN or SMTP match across objects in the cloud and on-premises, or hard matching based on the sourceAnchor/ImmutableID.

To learn more about Hard-match vs Soft-match, please refer to the UPN matching guide and the guide, When You Already Have an Azure AD.

As you correctly pointed out, the synchronization only flows from on-premises to Azure and user writeback is not supported, so matching the attributes or deleting and starting over are the two ways to go.

I hope this helps!



If this information helped you, please remember to Accept the answer so that others in the community searching for similar answers can more easily find a solution.
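
The hard match mentioned in the answer, as an added PowerShell example that is not part of the original answer: it derives the ImmutableID from the recreated on-prem user and sets it on the restored cloud user so the next sync joins them. The account names are placeholders, and it assumes the sourceAnchor is `ms-DS-ConsistencyGuid` with `objectGUID` fallback (or `objectGUID` itself) and that the ActiveDirectory and Microsoft.Graph.Users modules are installed.

```powershell
# Added example, not from the thread. Names below are placeholders.
# Assumption: sourceAnchor is ms-DS-ConsistencyGuid with objectGUID fallback,
# or objectGUID itself. Check the Azure AD Connect configuration first.
Import-Module ActiveDirectory
Connect-MgGraph -Scopes 'User.ReadWrite.All'

$samAccountName = 'jdoe'              # placeholder: the recreated on-prem user
$cloudUpn       = 'jdoe@contoso.com'  # placeholder: the restored Azure AD user

# Read the bytes that would be exported as the sourceAnchor for the new user.
$adUser = Get-ADUser -Identity $samAccountName -Properties 'mS-DS-ConsistencyGuid'
$anchorBytes = $adUser.'mS-DS-ConsistencyGuid'
if (-not $anchorBytes) { $anchorBytes = $adUser.ObjectGUID.ToByteArray() }

# ImmutableID is the Base64 encoding of those raw GUID bytes.
$newImmutableId = [Convert]::ToBase64String([byte[]]$anchorBytes)

$cloudUser = Get-MgUser -UserId $cloudUpn `
    -Property Id, UserPrincipalName, OnPremisesImmutableId, OnPremisesSyncEnabled

# Refuse to touch an object that is still owned by directory sync.
if ($cloudUser.OnPremisesSyncEnabled) {
    throw "$cloudUpn is still sync-enabled; change the anchor on-premises instead."
}

"On-prem anchor : $newImmutableId"
"Cloud anchor   : $($cloudUser.OnPremisesImmutableId)"

# Base64 is case-sensitive, so compare with -ceq rather than -eq.
if ($cloudUser.OnPremisesImmutableId -ceq $newImmutableId) {
    'Anchors already match; the next sync cycle should join the two objects.'
}
else {
    # Set the new on-prem anchor on the cloud user, then run a delta sync
    # on the Azure AD Connect server (Start-ADSyncSyncCycle -PolicyType Delta).
    Update-MgUser -UserId $cloudUser.Id -OnPremisesImmutableId $newImmutableId
    'ImmutableID updated; verify the join after the next sync cycle.'
}
```

Record the old cloud anchor printed by the script before it is overwritten, so the change can be reverted if the join lands on the wrong object.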

