2,147 questions
UPNs Change After Adding New Federated Domain to Azure
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(281.6, 4%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESJ%3C/text%3E%3C/svg%3E)
Shaun Johnson
1
Reputation point
Morning,
I wonder if anyone here has seen this behaviour before, I'm trying to understand how something happened for a client and 365 support basically told me they cant tell me anything useful and we have to pay for Azure support - which obviously no one wants to do.
We have a federated domain that we use for Office 365. A new subdomain of that domain was added using powershell. At the next AD Sync, it seems that every user account was touched, which I suppose is expected as it checks for the presence of the new domain. However, for a few accounts, changes were made that we cannot explain. One account ended up with an entirely new UPN, which was a breaking change for a customers process. A few other accounts either lost of gained a proxy address, although these were non breaking changes.
Is anyone able to explain why this happens?
{count} votes
-
JamesTran-MSFT 36,541 Reputation points Microsoft Employee2021-02-26T21:14:06.89+00:00 anonymous user
Thank you for your post and I apologize for the delayed response!- When it comes to the changes to the one user's UPN was there anything that could've caused it?
- Did it happen to any other users or just this one?
- Was there anything special about this one user compared to the others?
- As for the proxy address, can you share some details regarding it? Some accounts either lost or gained a proxy address?
Any additional details or screenshots would be greatly appreciated!
I've also added the azure-ad-connect and azure-ad-domain-services tag to this thread to see if anyone in these communities have experienced anything similar.
If you have any other questions, please let me know.
Thank you! -
Stephan Burger 1 Reputation point2021-02-27T18:14:51.793+00:00 anonymous user
Have you already looked at the AAD Connect synchronization service logs?
Normally you should be able to track the changes to Azure AD and on-premises AD objects there. -
Shaun Johnson 1 Reputation point
2021-03-03T14:12:18.937+00:00 When it comes to the changes to the one user's UPN was there anything that could've caused it?
No changes were made to the user, but a new ADFS domain was addedDid it happen to any other users or just this one?
jJust this one. Although proxy addresses changed for 4 other usersWas there anything special about this one user compared to the others?
Not that I can see.As for the proxy address, can you share some details regarding it? Some accounts either lost or gained a proxy address?
Yes, some lost, some gained and one had its default change, about one of each - I forget the specifics -
Shaun Johnson 1 Reputation point
2021-03-03T14:12:40.787+00:00 Yes, but nothing jumped out at me
Sign in to comment