In our AD our emails don't match our UPN, so when we sync with Azure AD using UPN any accounts that have been pre-created don't match. We get two accounts for the od user.
Let's assume the UPN is user@xyz.co.uk
and the email is user.name@xyz.co.uk.
If we plan to DELETE the mismatched accounts and just leave the UPNs, will this create a problem for tools such as Skype for Business (other than having to log in with the UPN and it being a different USER)? Will external users be able to find our Skype users if they search by email?
I understand that deleting the duplicated accounts may also create problems for things like favourites in the Skype for Business client.
We are not using Exchange Online (yet).
Or, if we CHANGE the UPNs to match the email, will this change just flow through to Azure AD? E.g. if we change the UPN from user@xyz.co.uk to user.name@xyz.co.uk, will the user be able to start using user.name@xyz.co.uk, or will it get in a muddle?
I understand that any internal apps that use UPN may need to be looked at.
Or, should we just sync using the email address as the unique key and just leave the UPN as is? I guess we will need to turn off syncing and re-install the tools.
Best Answer
If we change the UPNs to match the email locally, Azure AD Connect will update the Azure AD users' information.
We can change the UPN, then sync them; the Azure AD users' information will be updated.
We can also delete the duplicated Azure AD user, then use AAD Connect to sync them again.
Update:
You are right, it is a good way to achieve it.
We should stop the sync task, uninstall AAD Connect, and use the PowerShell cmdlet Remove-AzureADUser to delete the users from Azure AD, then reinstall Azure AD Connect and use mail to sync users to Azure AD.
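
A pre-change check for the "change the UPNs to match the email" option discussed in this thread, as an added example that is not part of the original question or answer: it lists on-premises AD users whose UPN differs from mail, flags values that would clash, and previews the change with -WhatIf. The search base and the $Apply switch are assumptions to adjust.

```powershell
# Added example. Requires the RSAT ActiveDirectory module.
Import-Module ActiveDirectory

$SearchBase = 'OU=Staff,DC=xyz,DC=co,DC=uk'   # hypothetical OU (assumption)
$Apply      = $false                          # $false = preview only (-WhatIf)

# Every UPN already in use in the domain, to detect clashes before renaming
$existingUpn = @{}
Get-ADUser -Filter * | Where-Object UserPrincipalName |
    ForEach-Object { $existingUpn[$_.UserPrincipalName.ToLower()] = $_.SamAccountName }

# Only users that actually have a mail attribute
$users = Get-ADUser -SearchBase $SearchBase -Filter 'mail -like "*"' -Properties mail

# A mail value held by more than one account cannot become a unique UPN
$sharedMail = @($users | Group-Object { $_.mail.Trim().ToLower() } |
    Where-Object Count -gt 1 | ForEach-Object Name)

$plan = foreach ($u in $users) {
    $newUpn = $u.mail.Trim()
    if ($u.UserPrincipalName -eq $newUpn) { continue }   # already aligned
    $key    = $newUpn.ToLower()
    $status = 'Change'
    if ($sharedMail -contains $key) {
        $status = 'SkipSharedMail'
    } elseif ($existingUpn.ContainsKey($key)) {
        $status = 'SkipUpnInUse'      # another account already owns this UPN
    }
    [pscustomobject]@{
        SamAccountName = $u.SamAccountName
        OldUpn         = $u.UserPrincipalName
        NewUpn         = $newUpn
        Status         = $status
    }
}
$plan | Format-Table -AutoSize

# Apply (or preview) only the rows that are safe to change
foreach ($p in $plan | Where-Object Status -eq 'Change') {
    Set-ADUser -Identity $p.SamAccountName -UserPrincipalName $p.NewUpn -WhatIf:(-not $Apply)
}

# After applying, run a delta sync on the Azure AD Connect server:
# Start-ADSyncSyncCycle -PolicyType Delta
```

Rows marked SkipSharedMail or SkipUpnInUse need manual review before any UPN change, since syncing them would recreate the duplicate-account problem described in the question.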