Forum Discussion
Renaming AD Account
He will keep access/permissions, however he should now use the changed UPN when prompted for credentials. His ODFB URL will also change, all files should remain intact though.
I just did exactly this yesterday and had the following experience:
- Renamed Lastname (because of a typo error), samaccountname and UPN
- wait for AAD-Connect sync (or do manually via powershell)
- O365 Admin Center showed a new email address (with the correct lastname) and moved the previously used email address to the proxyAddresses
- waited for another AAD-Connect sync, but onPrem (Exchange Admin Center) still showed the old email address as the primary address.
- I wasn't sure if I had to wait just longer, but I added the correct email address manually (because our onPrem Spam Firewall wouldn't accept external mails if there was no correct onPrem email address found)
- the mail.onmicrosoft.com target proxy addresses remain unchanged.
- I'm unsure if I should manually add a "correct" proxy address (tenant.mail.onmicrosoft.com) to the online mailbox and manually change the target address onPrem or leave it be, any suggestions?
The UPN doesnt necessarily need to match any email alias, be it the primary or the "routing" one.
Vinay ShekharMicrosoft
Hi Ivan,
Needed a small help –
Customer has Sharepoint Onpremise, Skype for Business onprem and Exchange Onprem.
SAMAccountName : Contoso\JohnDoe
UPN : JohnDoe@contoso.com
They now plan to move to office 365. However before moving to Office 365, they want to change the SAMAccountName as follows-
New SAMAccountName : Contoso\A123134
UPN: JohnDoe@contoso.com
Queries-
- Will their existing on-premise AD profile change when they login to the laptops after this SAMAccountName change?
- Any impact on their on-premise applications such as Exch, Sharepoint or SfB?
- Any impact on implementing an Exchange / Sharepoint migration if the SAMAccountName and UPN’s are different?
Appreciate any insights.
Hi Vinay,
You can change the SAMAccountName without any problems to Windows profile.
When you change the user need to login with the new one in PC, Exchange, etc.
Create a test environment:
- Create a new user with an SAMAccountName
- Configure a PC with all applications and then do a logoff
- Change the SAMAccountName
- Logon in the PC with new one
Vinay Shekhar wrote:Hi Ivan,
Needed a small help –
Customer has Sharepoint Onpremise, Skype for Business onprem and Exchange Onprem.
SAMAccountName : Contoso\JohnDoe
UPN : JohnDoe@contoso.com
They now plan to move to office 365. However before moving to Office 365, they want to change the SAMAccountName as follows-
New SAMAccountName : Contoso\A123134
UPN: JohnDoe@contoso.com
Queries-
- Will their existing on-premise AD profile change when they login to the laptops after this SAMAccountName change?
- Any impact on their on-premise applications such as Exch, Sharepoint or SfB?
- Any impact on implementing an Exchange / Sharepoint migration if the SAMAccountName and UPN’s are different?
Appreciate any insights.
Hi, as for your questions:
- Will their existing on-premise AD profile change when they login to the laptops after this SAMAccountName change?
- No. The local user profile is linked to the users unique SID. Changing any attribute from that user does not affect a local user profile as the SID remains unchanged. What will change though is the logon username, if they used netbios\samaccountname instead of username@domain.com. The latter would still work since it hasn't changed. I've tried to train my users to always use their email address for logon in case of doubt.
- Any impact on their on-premise applications such as Exch, Sharepoint or SfB?
- possibly and also very likely. Depends entirely on the configuration, see above. It also comes to NetBIOS vs UPN. My recommendation would be to always use UPN as the logon attribute, wherever possible. Unfortunately not all applications support this when they claim AD Support or SSO.
- Any impact on implementing an Exchange / Sharepoint migration if the SAMAccountName and UPN’s are different?
- By migration do you mean migration to Exchange and SharePoint Online? If so, I don't think it will have any impact, as Azure AD Connect let's you pretty much choose what your logon attribute should be.
