Fix site user ID mismatch in SharePoint or OneDrive
Symptoms
When users in your organization try to access a OneDrive or SharePoint site by using a new account that shares a username with a previous account, users experience one or more of the following issues:
- An "Access denied" error message
- An inconsistent user experience
- A new OneDrive site that has a suffix appended to the expected URL such as
https://contoso-my.sharepoint.com/personal/UserA_Contoso_com1(the suffix can be a number or a GUID)
Cause
These issues usually occur if a user account is deleted from the Microsoft 365 admin center, and then a new account is created by using the user principal name (UPN) that was used by the deleted account. The new account is assigned a new ID value even though the UPN is the same. However, the UserInfo list for the SharePoint and OneDrive sites associated with the account only has the old ID. When users try to access a SharePoint or their OneDrive site by using their new account, their new ID doesn't match the ID that's in the UserInfo list. Therefore, they're denied access to the site.
These issues might also occur during directory synchronization between an Active Directory organizational unit (OU) and SharePoint. If users have already logged in to SharePoint and are later moved to a different OU, they might experience these issues when the OU synchronizes with SharePoint.
Resolution
To fix these issues, run the Site User Mismatch diagnostic by using a Microsoft 365 administrator account (Global Admin or SharePoint Admin).
Note
- This diagnostic isn't available for the GCC High or DoD environments, or for Microsoft 365 operated by 21Vianet.
- Before admins run the diagnostic to fix the issues for OneDrive sites, they must make sure that the UserName of the new user account matches the old account. Administrators are prohibited from connecting OneDrive sites that might have been owned previously by another user account.
- If the diagnostic has successfully resolved an issue that's related to a OneDrive site, the changes might take approximately 24 hours to take effect. This period includes updating the OneDrive tile to point to the correct site and recycling any additional OneDrive sites.
Select the following Run Tests button, which populates the diagnostic in the Microsoft 365 admin center. The diagnostic performs a large range of verifications for internal users and guests who try to access SharePoint and OneDrive sites.
When prompted, provide the following information:
- The affected user account, such as UserA@contoso.com
- The original site URL, such as
https://contoso-my.sharepoint.com/personal/UserA_Contoso_com
Common scenarios
The Site User Mismatch diagnostic can fix the following common issues that can occur when a new account is created by using the UPN that was used by a deleted account.
A user is directed to a new OneDrive site that has a suffix appended to the expected URL
When a new user account is created, a new OneDrive site is assigned to it. When a user account is deleted, the OneDrive site assigned to the account is not deleted right away. So if a new user account is created with the UPN of a deleted account, then the new OneDrive site assigned to the new account has the same URL as the old OneDrive site with an added suffix. This suffix is either a number or a GUID.
If you want the new user account to use the same OneDrive site that was assigned to the old account, the diagnostic will check whether the user can be assigned ownership of the original site. After successfully verifying the user's permissions, the diagnostic will offer to reconnect the user to their original site and recycle the new active site that has the suffix such as https://contoso-my.sharepoint.com/personal/UserA_Contoso_com1.
If you have a need to access content in the new OneDrive site at a later time, you can restore the deleted OneDrive.
Access denied to a OneDrive site
If a user is denied access to their old OneDrive site after a new account is created for them, the diagnostic will reconfigure the user's profile. Then it will reconnect the user to their old OneDrive site to fix the access issue.
Note
Administrators can't fix this issue by manually updating the owners of the OneDrive site or editing the user profile properties that are associated with the OneDrive site. The diagnostic is the only recommended solution to fix this issue.
User ID mismatch on SharePoint sites or OneDrive sites that don't belong to the user
When the diagnostic detects a user ID mismatch in the UserInfo list, it will offer to remove the old ID. After you accept and the old ID is removed, assign the new user account the appropriate permissions to the SharePoint site.
Note: If you want to fix this issue manually, you must remove the old user account from the UserInfo list, and then grant permissions to the new user account.
More information
For more information about access issues in SharePoint and OneDrive, see "Access Denied" or "You need permission" errors in SharePoint Online and OneDrive.
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for