Forum Discussion
Solved
Azure AD Connect - Dealing with incorrectly created users post-sync
We have a single domain in windows AD, not the same as our verified domain in Azure AD (through 365). If a user was not set up to use the "verified" suffix in their user principal name, Azure AD Con...
You don't need to disable the sync, simply delete the "duplicate" account. As for avoiding such issues in the future, add the "verified" suffix as additional UPN suffix on-premises and update any such accounts.
When creating the accounts, Azure AD looks at the UPN value and if its populated, it will use it to create the corresponding account in O365. If the UPN doesn't match a verified domain, it will be replaced with the default @tenant.onmicrosoft.com value. If the UPN is empty, the SamAccountName attribute will be used instead, with the default domain. Similar rules apply to SMTP addresses: https://support.microsoft.com/en-us/help/3190357/how-the-proxyaddresses-attribute-is-populated-in-azure-ad
You can also use the so-called soft-matching mechanism to make sure the on-premises object "links" correctly to an already created cloud one: http://support.microsoft.com/kb/2641663
You don't need to disable the sync, simply delete the "duplicate" account. As for avoiding such issues in the future, add the "verified" suffix as additional UPN suffix on-premises and update any such accounts.
When creating the accounts, Azure AD looks at the UPN value and if its populated, it will use it to create the corresponding account in O365. If the UPN doesn't match a verified domain, it will be replaced with the default @tenant.onmicrosoft.com value. If the UPN is empty, the SamAccountName attribute will be used instead, with the default domain. Similar rules apply to SMTP addresses: https://support.microsoft.com/en-us/help/3190357/how-the-proxyaddresses-attribute-is-populated-in-azure-ad
You can also use the so-called soft-matching mechanism to make sure the on-premises object "links" correctly to an already created cloud one: http://support.microsoft.com/kb/2641663
i need your help please i was facing a problem
that problem after i trouble shooting in azure because there are many feature are not available so the trouble shoot show me that the problem from the ad connect so i uninstall it and then reach the cloud to see the users so i found them in deleted user so i decided to restore them again and every thing worked perfectly the next day i found that the users cant login into there profiles on their PC and an automatically New profile without any data created without any permission and when i try to delete the new user it recreate itself so what is the solution because i facing a big problem in my job and this is the diagram show how the company work