Forum Discussion

Bronze Contributor

Apr 19, 2017

Changing UPNs / Domains

We are going to be changing our company name, so this requires a new domain. The new domain has been added to On-Prem AD and Office365. On a test user we have changed the UPN to the new domain a...

office 365

VasilMichev

MVP

Apr 19, 2017

Seems you are trying to change between federated/managed domains, thus the error. A federated user does not have any password set in the service, so you need to perform some actions when converting it (similar to what Convert-MsolFederatedUser does). So this will not work for federated:

# Set-AzureADUser -ObjectId e53d644c-db69-4e19-a1ab-94bd1f5d11e4 -UserPrincipalName irestri@michevdev2.onmicrosoft.com
Set-AzureADUser : Error occurred while executing SetUser
Code: Request_BadRequest
Message: Property passwordProfile.password value is required but is empty or missing.

This will:

# $PasswordProfile = New-Object -TypeName Microsoft.Open.AzureAD.Model.PasswordProfile
# $PasswordProfile.Password = "Password123"

# Set-AzureADUser -ObjectId e53d644c-db69-4e19-a1ab-94bd1f5d11e4 -UserPrincipalName irestri@michevdev2.onmicrosoft.com -PasswordProfile $PasswordProfile

C_the_S
Bronze Contributor
Apr 19, 2017
Sorry, but having to change a user's password is unacceptable.
- VasilMichev
  MVP
  Apr 19, 2017
  Well IF you are changing between federated/managed auth, it's mandatory.
  - C_the_S
    Bronze Contributor
    Apr 19, 2017
    Nope, it isn't mandatory.
    Based on the other script given to me by NunoAriasSilva here are the commands I ended up using that did NOT require reseting the user's password.
    
    Set-MsolUserPrincipalName -UserPrincipalName User1@contoso.com -NewUserPrincipalName User1@tenantname.onmicrosoft.com
    
    Set-MsolUserPrincipalName -UserPrincipalName User1@tenantname.onmicrosoft.com -NewUserPrincipalName User1@Fabrikam.com
    
    That support article definitely needs some updating.