In Azure AD, the UserPrincipalName (UPN) can be manually updated using Set-MsolUserPrincipalName Power Shell cmdlet. The details and syntax are explained here - https://msdn.microsoft.com/en-us/library/azure/dn194135.aspx
One of the common issues you experience during this process is the “Access Denied” error message.
Set-MsolUserPrincipalName : Access Denied. You do not have permissions to call this cmdlet
If you are using Global Administrator account, you should have permission to update user properties. This error message can be little misleading. Most of the time, you will see this error message because of an non-existent UPN name in the “-UserPrincipalName” parameter.
Set-MsolUserPrincipalName -UserPrincipalName CurrentUPNfromAzure@domain.onmicrosoft.com -NewUserPrincipalName NewUPN@mydomain.com
Here are some examples:
As you can see in the following screenshot, I am getting the Set-MsolUserPrincipalName : Access Denied. You do not have permissions to call this cmdlet message here.
I am using a Global Administrator account here. This is because of the non-existent UPN (current UPN of the user from Azure). If you run Get-MsolUser cmdlet, you will see the real error message :) “Get-MsolUser : User Not Found. User: Client2User200@myinfralab.onmicrosoft.com” error message.
You need to verify current Azure UPN before you the Set-MsolUserPrincipalName or you can combine Get-MsolUser and Set-MsolUserPrincipalName cmdlets to include this validation check to get some more meaningful error message.
Get-MsolUser -UserPrincipalName CurrentUPNfromAzure@domain.onmicrosoft.com | Set-MsolUserPrincipalName -NewUserPrincipalName NewUPN@mydomain.com
Also, make sure to verify the Custom Domain in Azure if you are planning to use a custom domain name as UPN.
6 comments:
Bingo! That was the issue. Thank you for this post.
I was searching for some blogs when I came across your article on Azure AD and Manual UPN Update. I'm also a student, by the way. I'm now researching law dissertation topics as well, and I really enjoyed your post. Of course, the level of quality and quantity of work on this site is highly educational. Thank you for sharing your site; I really enjoy it.
When I came bitlife across your article about Azure AD and Manual UPN Update, I was looking through some blogs. By the way, I'm a student as well.
One common reason for encountering this error message is when Geometry Dash the UPN specified in the "-UserPrincipalName" parameter does not exist in the Azure AD.
Thank you for sharing this slope article, it is very useful and answers my questions.
Azure AD simplifies user management, but sometimes manual UPN updates are necessary. Like a rhythm in friday night funkin, maintaining synchronization is key. Whether in gaming or system administration, proactive updates keep everything in tune, ensuring seamless access and security across platforms.
Post a Comment