Forum Discussion
End User OWA and Office 365 Suite Credentials Inconsistent
I did not change the domain name. To explain it a bit better the reason for changing the UPN was to make it consistent. We have been using the naming scheme FirstInitialLastName@Domain.com in the past and then more recently firstname.lastname@domain.com . We have been having issues with the inconsistency and end users not knowing which naming scheme they have so I wanted to start making everyone consistent. I updated around 15 users on the old naming method to the new naming method and all but 1 had no issue.
The steps i toke to change them was changing the account "User Logon Name:" on the AD User's Properties, as well as changing the proxyaddress. I then synced the user to Office 365. Inside of the Office 365 admin portal the user has the correct UPN. They are only able to log into the OWA with the new address. As well as the Outlook app on their Iphone. The old FirstInitialLastName@Domain.com would no longer work. Although on the computer side Outlook will not take firstname.lastname@domain.com and will only accept the old FirstInitialLastName@Domain.com . At first I thought this might have been a bug with the stored credentials. Although after clearing them that did not sold the problem. I proceeded to removing the account from the computer via Control Panel/User Accounts/Mail (Microsoft Outlook 2016) still not dice it will only accept the old FirstInitialLastName@Domain.com even on account set-up. I attempted this again on a separate computer that was just set-up as well as our Remote Desktop environment. And it still will only use the old FirstInitialLastName@Domain.com and will not take the new firstname.lastname@domain.com.
I even had the user attempt to change their AD password. The new password synchronized with Office 365 as normal, but it still only lets them use the old UPN to log into Outlook on their computer.
Somewhere something would to have to have gone wrong as the other users I did this to are not having this issue. Although I can't seem to find any huge difference in the accounts. It just doesn't make sense to me why the OWA and Outlook Phone app would be correct but the computer side outlook isn't.
That's weird because OWA and mobile phone is working properly. I assume you are using password hash synchronization with AAD Connect, so no authentication issue should occour on-premises.
I would try to change the UPN a second time back to the old one, perform a full synchronization, change it back to the new one and perform a full synchronization. But it seems to be a client issue because OWA is working fine.
What happens if you create a new Outlook profile with the new UPN? When modern authentication is enabled, the primary smtp address should be already filled in the user name field.
Replying to the bit about what happens with the modern authentication when setting up the Outlook profile. It auto-fills as the new UPN (Firstname.Lastname@domain.com) although when the Windows Security pop-op comes up, it is autofilled with the Firstname.Lastname@domain.com although will not accept it with the password. It will only work when it is changed to the old firstinitiallastname@domain.com . Once I change it to the old way it works. Meaning it is recognizing that the new UPN is right, but doesn't accept it.
I am going to try and change the UPN again and see if it works.
On top of this issue the end user is also prompted for the password often even when picking "remember me". Which is also very odd behavior.
- MA works with password hash synchronization as well. Your client get authenticated by the Azure AD identity provider. But, if MA enabled, you cannot get the username and password prompt. Only the web based window will occur, I.e. after a password change.
Well I attempted to change the UPN and change it back and still no dice. It still works the exact same.