Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
20,629 questions
old (renamed in AD) account credentials still exist on user causing issue with new user created on Azure AD sync
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(230.39999999999998, 6%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESS%3C/text%3E%3C/svg%3E)
Scott Sorenson
1
Reputation point
Original user TUSER@keyman changed to new username TNewUser@keyman
Azure AD Sync created smtp address of TUSER@keyman .onmicrosoft.com initially (as well as X.500)
Username and Email address changed in AD, and new addresses show up correctly in Azure.
onmicrosoft.com and X.500 not updated (not in AD to update).
New user created at TUSER@keyman and causing sync error / collision with old user account, forcing Azure to create TUSERXXXX@keyman .onmicrosoft.com and throws a sync error.
We only use Azure AD connect/sync. We do not have 360 or hosted / hybrid email.
I have disabled AD sync using power shell. Deleted new user account (and deleted from recycle) waited then re-enabled sync and the same issue occurs.
How can I change those addresses on the old user account to reflect the new name so that the sync does not have an error.
Do I need to stop sync, delete both accounts, and then restart sync? Old user has app rights for b2b w this account, so i prefer not to create an issue by deleting it. Is there another solution?
TIA.
{count} votes
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(278.4, 57.00000000000001%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESS%3C/text%3E%3C/svg%3E)
Shashi Shailaj 7,581 Reputation points Microsoft Employee2022-02-21T20:58:49.687+00:00 @Scott Sorenson ,
Apologies for the delayed response. As far as I understand you have renamed the UPN attribute of the user and and created a new user with the same old UPN which is causing the conflict . I would first suggest to check the AD sync error on the old account in the AD connect tool. It will show you the details of the attribute which is causing the conflict Then you can fix the attribute on the object on-premise or in the cloud. I am checking more on this but I think TUSER@keyman is still there in either proxyaddresses value for the cloud object which can be causing this . I would suggest you to check this from exchange online admin center and once we clear the old entry the sync error should go away .
Sign in to comment