notacomputergeek

Here is an update to my blog Sync On-Prem AD With Existing Azure AD (now Microsoft Entra ID) Users. Often, a user wants to change their name and email address. It’s not as straight forward, mainly, since the UserPrincipalName does not automatically get updated. Here are the necessary steps to get it done.

1. In Active Directory Users and Computers, right-click the user, then click Rename
2. Change the name and press the Enter key
3. Change all necessary fields on the Rename user dialog box
4. Double-click user to bring up the Properties dialog box
5. Click the Attribute Editor tab and verify the following fields are correct. You’ll want to add the current name as an alias so they can still receive email at the old address
   

cn, displayName, givenName, name, proxyAddresses (entering uppercase SMTP will make it the primary address), sAMAccountName, sn, userPrincipalName

Here’s the part I have not figured out how to change without using PowerShell. After syncing, you will notice that in admin.microsoft.com, the username field still shows the old email address. The following commands need to be executed in PowerShell on the on-prem server to update the UserPrincipalName.

Install-Module MSOnline (if not installed already)
Connect-MsolService and sign-in (if not already signed-in)
Set-MsolUserPrincipalName -UserPrincipalName oldname@domain.com
-NewUserPrincipalName newname@domain.com

Run ‘Start-ADSyncSyncCycle -policytype Delta’ in PowerShell to manually sync changes.

Readers, please let me know if there is a better way to update the UserPrincipalName instead of using PowerShell.