Tuesday, May 26, 2015

Azure AD and Manual UPN Update

Tuesday, May 26, 2015 9:23 AM  Blog-5  5 comments

In Azure AD, the UserPrincipalName (UPN) can be manually updated using Set-MsolUserPrincipalName Power Shell cmdlet.  The details and syntax are explained here - https://msdn.microsoft.com/en-us/library/azure/dn194135.aspx

One of the common issues you experience during this process is the “Access Denied”  error message. 

 Set-MsolUserPrincipalName : Access Denied. You do not have permissions to call this cmdlet

If you are using Global Administrator account, you should have permission to update user properties. This error message can be little misleading.  Most of the time, you will see this error message because of an non-existent UPN name in the “-UserPrincipalName” parameter.

Set-MsolUserPrincipalName -UserPrincipalName CurrentUPNfromAzure@domain.onmicrosoft.com -NewUserPrincipalName NewUPN@mydomain.com

Here are some examples:

As you can see in the following screenshot, I am getting the Set-MsolUserPrincipalName : Access Denied. You do not have permissions to call this cmdlet message here.


image



I am using a Global Administrator account here.  This is because of the non-existent UPN (current UPN of the user from Azure).  If you run Get-MsolUser cmdlet, you will see the real error message :)   “Get-MsolUser : User Not Found.  User: Client2User200@myinfralab.onmicrosoft.com” error message. 



image



You need to verify current Azure UPN before you the Set-MsolUserPrincipalName or you can combine Get-MsolUser and  Set-MsolUserPrincipalName cmdlets to include this validation check to get some more meaningful error message. 



Get-MsolUser -UserPrincipalName CurrentUPNfromAzure@domain.onmicrosoft.com | Set-MsolUserPrincipalName -NewUserPrincipalName NewUPN@mydomain.com



image 



Also, make sure to verify the Custom Domain in Azure if you are planning to use a custom domain name as UPN.



image image

Posted in:

5 comments:

Bingo! That was the issue. Thank you for this post.

I was searching for some blogs when I came across your article on Azure AD and Manual UPN Update. I'm also a student, by the way. I'm now researching law dissertation topics as well, and I really enjoyed your post. Of course, the level of quality and quantity of work on this site is highly educational. Thank you for sharing your site; I really enjoy it.

When I came bitlife across your article about Azure AD and Manual UPN Update, I was looking through some blogs. By the way, I'm a student as well.

One common reason for encountering this error message is when Geometry Dash the UPN specified in the "-UserPrincipalName" parameter does not exist in the Azure AD.

Thank you for sharing this slope article, it is very useful and answers my questions.

Post a Comment

Popular Posts

Share

Twitter Delicious Facebook Digg Stumbleupon Favorites More