proxyAddresses Field in Azure AD

Isaac Iguelmamene 21 Reputation points
2022-06-01T17:19:45.12+00:00

Will the proxyAddresses list in Azure AD always contain the value from the userPrincipalName field & the value from the mail field? I took a look at this documentation: https://learn.microsoft.com/en-us/troubleshoot/azure/active-directory/proxyaddresses-attribute-populate and this does seem to be the case, but I want to confirm. Basically, what I am trying to see is that if userPrincipalName has a value of x and mail has a value of y, then will proxyAddresses always contain both x and y? Of course with the values in the proxyAddresses list being pre-pended with "SMTP:" or "smtp:"

Microsoft Graph
Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
10,553 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,435 questions
0 comments
Accepted answer
  1. Vasil Michev 95,081 Reputation points MVP
    2022-06-01T17:43:52.843+00:00

    Office 365/Exchange Online enforces a policy that requires at least one of the aliases contained within proxyAddresses to match the UPN. This applies regardless of whether you are syncing the user object from on-premises AD or creating it directly in the cloud. It's not applied when the tenant is not using Exchange Online however (or the object is not licensed for Exchange).
    And, changing the mail attribute results in adding the supplied value as the primarySMTPaddress, while preserving the old value as a secondary alias. However, you can provision objects initially with different values for mail and primarySMTPaddress, including having one of them being null.
    So to answer the question, no, not always. But for most Exchange scenarios, yes.

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest