Azure AD to Azure AD DS sync problem

%3CLINGO-SUB%20id%3D%22lingo-sub-670757%22%20slang%3D%22en-US%22%3EAzure%20AD%20to%20Azure%20AD%20DS%20sync%20problem%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-670757%22%20slang%3D%22en-US%22%3E%3CP%3EHi%2C%3C%2FP%3E%3CP%3EWe%20have%20only%20Azure%20AD%20and%20Azure%20AD%20DS%20service%20(no%20on-prem%20AD%20DS%20).%26nbsp%3B%3C%2FP%3E%3CP%3EOne%20of%20the%20users%20has%20an%20interesting%20problem%3A%3C%2FP%3E%3CP%3EHe%20uses%20two%20accounts%20in%20Azure%20AD%3C%2FP%3E%3CP%3EUser1%40domain.com%3C%2FP%3E%3CP%3EUser1%40domain.onmicrosoft.com%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EIn%20Azure%20AD%20DS%20I%20can%20see%20these%20two%20accounts%2C%20but%20they%20are%20synced%20in%20an%20odd%20way%2C%20so%20I%20have%20such%20user%20logon%20names%3A%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EUser1%26nbsp%3B%3C%2FP%3E%3CP%3EUser1%20(62FB83CB)%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ECould%20anybody%20say%20how%20it%20can%20be%20fixed%3F%3C%2FP%3E%3CP%3EThanks.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-670757%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EAzure%20AD%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EIdentity%20Management%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-679680%22%20slang%3D%22en-US%22%3ERe%3A%20Azure%20AD%20to%20Azure%20AD%20DS%20sync%20problem%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-679680%22%20slang%3D%22en-US%22%3EDo%20they%20have%20the%20same%20Object-ID%20if%20you%20do%20get-azureaduser%20for%20AAD%20or%20get-aduser%20on%20the%20AAD%20DS%3F%20I'll%20start%20there%2C%20I%20remember%20having%20a%20similar%20issue%20with%20on-prem%2C%20we%20fixed%20it%20by%20immutable%20ID.%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-680128%22%20slang%3D%22en-US%22%3ERe%3A%20Azure%20AD%20to%20Azure%20AD%20DS%20sync%20problem%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-680128%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F328428%22%20target%3D%22_blank%22%3E%40jerome317%3C%2FA%3E%26nbsp%3B%26nbsp%3B%3C%2FP%3E%3CP%3EHi%2C%20I'm%20not%20sure%20but%20is%20there%20any%20possibilities%20to%20have%20the%20same%20objectID%20in%20two%20systems%3F%3C%2FP%3E%3CP%3EThey%20are%20different%20in%20Azure%20AD%20and%20Azure%20AD%20DS.%3C%2FP%3E%3C%2FLINGO-BODY%3E
Highlighted
New Contributor

Hi,

We have only Azure AD and Azure AD DS service (no on-prem AD DS ). 

One of the users has an interesting problem:

He uses two accounts in Azure AD

User1@domain.com

User1@domain.onmicrosoft.com

 

In Azure AD DS I can see these two accounts, but they are synced in an odd way, so I have such user logon names:

 

User1 

User1 (62FB83CB)

 

Could anybody say how it can be fixed?

Thanks.

2 Replies
Highlighted
Do they have the same Object-ID if you do get-azureaduser for AAD or get-aduser on the AAD DS? I'll start there, I remember having a similar issue with on-prem, we fixed it by immutable ID.
Highlighted

@jerome317  

Hi, I'm not sure but is there any possibilities to have the same objectID in two systems?

They are different in Azure AD and Azure AD DS.