Unable to remove Office 365 proxy address attribute

Hi there,

We have an issue within an Office 365 Hybrid environment, where we are unable to remove/overwrite the Microsoft Online Email Routing Address (username@<domain>.onmicrosoft.com) for a user that has had a name change.

Within ADSI edit, the Microsoft Online Email Routing Address entry contains the new entry, however, within Azure AD and Exchange Online, it has created the new address alongside the old one:

old_username@<domain>.onmicrosoft.com
newusername@<domain>.onmicrosoft.com

I cannot remove the old entry directly from Azure AD/Exchange Online as all changes have to be made on-prem.

To make matters worse, another user has started with the same name as the old name of the other user, resulting sync conflicts.

Is there any way to remove the old @<domain>.onmicrosoft.com address? Any help would be greatly appreciated.

Cheers in advance.
Mark KinseyAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

MaheshArchitectCommented:
.On Microsoft.com domain entries cannot be synced from on premise
You need to change it in cloud itself with azure active directory PowerShell, not even with gui of o365 as accounts are synced from onpremise
The command would Get-msoluser -Userprincipalname user1@mydomain.com | Set-msoluser -NewUserprincipalname user2@mydomain.onmicrosoft.com -force

After you aaded new entry, again run same command with reverse data so that original UPN will get restored and new proxyaddress will also get added
0
Mark KinseyAuthor Commented:
Thanks Mahesh.

However, I have just tried this, but the command will not run (within Azure AD Powershell):

--------

Set-MsolUser : Unable to update parameter. Parameter name: UserPrincipalName.
+ CategoryInfo          : OperationStopped: (:) [Set-MsolUser], MicrosoftOnlineException
    + FullyQualifiedErrorId : Microsoft.Online.Administration.Automation.PropertyNotSettableException,Microsoft.Online.Administration.Automation.SetUser
0
MaheshArchitectCommented:
it might be possible that target UPN you are trying to et is already assigned to some else ID, the error message indicates that I believe

The UPN value you are trying must be unique
0
10 Tips to Protect Your Business from Ransomware

Did you know that ransomware is the most widespread, destructive malware in the world today? It accounts for 39% of all security breaches, with ransomware gangsters projected to make $11.5B in profits from online extortion by 2019.

Mark KinseyAuthor Commented:
I cannot see any conflicts for these UPN's. As it stands, the proxy address for both users who need fixing are as follows:

USER 1
Joe_Bloggs@<domain>.com
Joe_Bloggs@<domain>.onmicrosoft.com
Joe_Smith@<domain>.onmicrosoft.com


USER 2
Joe_Smith@<domain>.com
Joe_Smith1234@<domain>.onmicrosoft.com

User 1 was previously known as Joe Smith, although the name change to Joe Bloggs would not rename their original Microsoft Online Email Routing Address. This has stayed.

User 2 then started afterwords, also named Joe Smith. Their Microsoft Online Email Routing Address got created with random numbers after the username, due to the conflict.

So we have two issues:

1) We need to remove the original Microsoft Online Email Routing Address from user one.
2) We need to remove the numbers (1234, in this example) from user two's Microsoft Online Email Routing Address.
0
MichelangeloConsultantCommented:
Move user in a OU which is not synced, do a delta sync, correct issue, move user back to a synced OU, sync agacross n. Do that on a Test user before  proceeding in case you want do double check intermediate steps.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
MaheshArchitectCommented:
Its not necessary that proxy address (UPN) you are trying to add through command is part of those two IDs only

Can you go to mailboxes and contacts node in admin center and search for target UPN you are trying to add and if you can find it this way

My earlier comment is the only way to modify / change .onmicrosoft.com UPNs in cloud
0
Mark KinseyAuthor Commented:
Thank you Michelangelo, this was the only way to fix the problem, as the objects were only present in the cloud.

Steps to fix, for anyone else who may have this problem:

1) Moved users to non-synced OU.
2) Ran sync
3) Restored mailboxes in cloud as ‘cloud only’
4) Removed problematic MOERA addresses
5) ‘Hard matched’ mailboxes back to on-perm AD accounts
6) Put AD accounts back into synced OU
7 Ran sync

I’m still unsure as to why the MOERA addresses do not change if the users UPN changes after a name change.

Anyway, my issues are resolved. Many thanks both.

Cheers
1
MichelangeloConsultantCommented:
Glad it helped!
Ciao !
0
MichelangeloConsultantCommented:
Moving user out of sync and readding it to sync solved the issue
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft Office

From novice to tech pro — start learning today.