How do I map AD mail to Azure UserPrinciple in Cloud Sync configuration

Question

I am setting up Azure Entra Cloud Sync to our on-premise Active Directory. I need the AD mail field to be the User Principle in Azure. I setup the mapping but the test provision always skips my user distinguished names, with a "NotFound" message. How do I configure it so that is syncs from on-premise and the "mail" field to the Azure "UserPrinciple"?

Answer 1

Hi @Michael S. Hearn

Thank you for Post!

I understand that you have setup the Azure Entra Cloud sync to your on-premises Active Directory, and you need to map the AD mail field to Azure UserPrincipleName.
We have tested your scenario on our end and the result was as we expected below are the steps.

To achieve this, login to Microsoft Entra admin center-> Identity -> Hybrid management->Microsoft Entre Connect -> choose Sync direction as AD to Microsoft Entra ID which as show in the below picture.

Next, we need to do the attribute mapping, the Target attribute is UserPrincipalName and we need to set the Source attribute as a mail which as shown in the below pictures.

change the mapping type to Direct and the source attribute is mail and keep the Default value empty which as show in the below picture, click apply to save the changes.

After successful completion wait for 2 mins to sync the user, group and password hash changes will be provisioned to Microsoft Entra ID. To test we have created a user profile in AD with the mail attribute and run the provision on demand with the users distinguished Name attribute and the result we are able to see the mail id under the UserPrincipleName which is shown the below pictures.

I hope this Answer helps! please Feel free to ask any questions you may have.

Reference: https://learn.microsoft.com/en-us/entra/identity/hybrid/cloud-sync/how-to-attribute-mapping

Thanks,

Akhilesh.

Please "Accept the answer" if the information helped you. This will help us and others in the community as well.