New-MSOLUserPrincipalName

Posted on Apr 20, 2017 in IT Nerd Blog by 0 Comments

SCENARIO
You’re changing the e-mail domain of a user or even a bunch of users. After that you also need to set their UPN’s to reflect the change.

PROBLEM
The problem is that Azure AD Connect service doesn’t currently support changing domain of a UPN of an object that is already synced! So you have to run a powershell command to change it. But it get’s even more complicated because you can’t change the UPN from one federated domain to another without making it “unfederated” first.

SOLUTION
Enter New-MSOLUserPrincipalName, which is a function that will take the user with the current UPN ($UserPrincipalName), change it to a temporary UPN with the domain extension “@[your tenant].onmicrosoft.com” and change it to the new UPN ($NewUserPrincipalName). 

function New-MSOLUserPrincipalName {
  param (
    $UserPrincipalName,
    $NewUserPrincipalName
  )
  $TempUPN = "{0}@[your tenantname].onmicrosoft.com" -f $UserPrincipalName.split("@")
  Set-MsolUserPrincipalName -UserPrincipalName $UserPrincipalName -NewUserPrincipalName $TempUPN | Out-Null
  Set-MsolUserPrincipalName -UserPrincipalName $TempUPN -NewUserPrincipalName $NewUserPrincipalName
  Write-Output -InputObject "Successfully changed UPN from $UserPrincipalName to $NewUserPrincipalName"
}

Thanx to Johan Dahlbom for this one!

Download PS1 from Dropbox

Download PS1 from Dropbox

Tags: , , , ,


About the Author
Author

stoff

Popular posts Related Posts
Turning 40

Turning 40

The “Swedish Democrats” issue

The “Swedish Democrats” issue

Why Filesharing Won’t Go Away

Why Filesharing Won’t Go Away


The Big Tenant-to-Tenant Migration

The Big Tenant-to-Tenant Migration

Skype For Business Online Users Disabled ?

Skype For Business Online Users Disabled ?

Checking AD FS Federation & Certificate Status

Checking AD FS Federation & Certificate Status


Leave a reply