• Status: Solved
  • Priority: Low
  • Security: Public
  • Views: 118
  • Last Modified:

Unable to remove Office 365 proxy address attribute

Hi there,

We have an issue within an Office 365 Hybrid environment, where we are unable to remove/overwrite the Microsoft Online Email Routing Address (username@<domain>.onmicrosoft.com) for a user that has had a name change.

Within ADSI edit, the Microsoft Online Email Routing Address entry contains the new entry, however, within Azure AD and Exchange Online, it has created the new address alongside the old one:


I cannot remove the old entry directly from Azure AD/Exchange Online as all changes have to be made on-prem.

To make matters worse, another user has started with the same name as the old name of the other user, resulting sync conflicts.

Is there any way to remove the old @<domain>.onmicrosoft.com address? Any help would be greatly appreciated.

Cheers in advance.
Mark Kinsey
Mark Kinsey
  • 3
  • 3
  • 3
1 Solution
.On Microsoft.com domain entries cannot be synced from on premise
You need to change it in cloud itself with azure active directory PowerShell, not even with gui of o365 as accounts are synced from onpremise
The command would Get-msoluser -Userprincipalname user1@mydomain.com | Set-msoluser -NewUserprincipalname user2@mydomain.onmicrosoft.com -force

After you aaded new entry, again run same command with reverse data so that original UPN will get restored and new proxyaddress will also get added
Mark KinseyAuthor Commented:
Thanks Mahesh.

However, I have just tried this, but the command will not run (within Azure AD Powershell):


Set-MsolUser : Unable to update parameter. Parameter name: UserPrincipalName.
+ CategoryInfo          : OperationStopped: (:) [Set-MsolUser], MicrosoftOnlineException
    + FullyQualifiedErrorId : Microsoft.Online.Administration.Automation.PropertyNotSettableException,Microsoft.Online.Administration.Automation.SetUser
it might be possible that target UPN you are trying to et is already assigned to some else ID, the error message indicates that I believe

The UPN value you are trying must be unique
Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Mark KinseyAuthor Commented:
I cannot see any conflicts for these UPN's. As it stands, the proxy address for both users who need fixing are as follows:



User 1 was previously known as Joe Smith, although the name change to Joe Bloggs would not rename their original Microsoft Online Email Routing Address. This has stayed.

User 2 then started afterwords, also named Joe Smith. Their Microsoft Online Email Routing Address got created with random numbers after the username, due to the conflict.

So we have two issues:

1) We need to remove the original Microsoft Online Email Routing Address from user one.
2) We need to remove the numbers (1234, in this example) from user two's Microsoft Online Email Routing Address.
Move user in a OU which is not synced, do a delta sync, correct issue, move user back to a synced OU, sync agacross n. Do that on a Test user before  proceeding in case you want do double check intermediate steps.
Its not necessary that proxy address (UPN) you are trying to add through command is part of those two IDs only

Can you go to mailboxes and contacts node in admin center and search for target UPN you are trying to add and if you can find it this way

My earlier comment is the only way to modify / change .onmicrosoft.com UPNs in cloud
Mark KinseyAuthor Commented:
Thank you Michelangelo, this was the only way to fix the problem, as the objects were only present in the cloud.

Steps to fix, for anyone else who may have this problem:

1) Moved users to non-synced OU.
2) Ran sync
3) Restored mailboxes in cloud as ‘cloud only’
4) Removed problematic MOERA addresses
5) ‘Hard matched’ mailboxes back to on-perm AD accounts
6) Put AD accounts back into synced OU
7 Ran sync

I’m still unsure as to why the MOERA addresses do not change if the users UPN changes after a name change.

Anyway, my issues are resolved. Many thanks both.

Glad it helped!
Ciao !
Moving user out of sync and readding it to sync solved the issue
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 3
  • 3
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now