UPNs Change After Adding New Federated Domain to Azure

Shaun Johnson 1 Reputation point


I wonder if anyone here has seen this behaviour before, I'm trying to understand how something happened for a client and 365 support basically told me they cant tell me anything useful and we have to pay for Azure support - which obviously no one wants to do.

We have a federated domain that we use for Office 365. A new subdomain of that domain was added using powershell. At the next AD Sync, it seems that every user account was touched, which I suppose is expected as it checks for the presence of the new domain. However, for a few accounts, changes were made that we cannot explain. One account ended up with an entirely new UPN, which was a breaking change for a customers process. A few other accounts either lost of gained a proxy address, although these were non breaking changes.

Is anyone able to explain why this happens?

Microsoft Entra
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
20,127 questions
{count} votes