
New Setup 2 Domains


We are setting up new systems. The default domain is company.local. I added our verified domain name in the UPN. I am using a non-DC to install Entra Provisioning Agent, but the only domain that keeps showing is the company.local. I have rebooted both systems.

Any ideas?

3 Replies



What you've described is the setup of a single domain that has an additional routable UPN suffix added to it.


Adding additional routable UPN entries does not mean you have multiple domains. Instead, they are considered additional namespaces within that single domain. There remains only a single account database and so on. All adding a routable UPN achieves is being able to specify a different UPN suffix on a per account basis.


If my interpretation of what you have described is correct, then seeing just the one domain listed in the agent during installation is expected and correct.




So how do I fix it?



Fix what? From your description, everything is showing precisely as it should.


If what you're intending to ask is: how do I get a user with a userPrincipalName in Active Directory of:


someName @ domain.local


To be set as:


someName @


(Note, I've had to use spaces to get around this forum stripping out SMTP-style addresses)


Then you are focusing on the wrong thing. You need to read up on and understand how to perform attribute mappings - specifically using expressions (and functions - Replace() would be your best bet), as that kind of name translation has nothing to do with the agent installation.



The other approach you might be able to leverage is changing the existing values for SMTP-like attributes such as userPrincipalName, mail and proxyAddresses in Active Directory first, which would allow you to use direct mappings rather than expressions in the Cloud Sync mappings (see the screenshots in either/both of the articles above).
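
The second approach from the reply above (changing userPrincipalName in Active Directory first so Cloud Sync can use a direct mapping), as an added example that is not part of the original thread. It assumes the ActiveDirectory PowerShell module; `company.local` is the suffix from the question and `contoso.example` is a placeholder for the verified domain, which the thread does not show. It only touches userPrincipalName, not mail or proxyAddresses.

```powershell
# Added example (not from the thread). Re-suffix UPNs in AD so they match the
# verified domain before sync. Runs in preview mode until -WhatIf is removed.
Import-Module ActiveDirectory

$oldSuffix = 'company.local'      # non-routable suffix from the question
$newSuffix = 'contoso.example'    # PLACEHOLDER: your verified, routable domain

# The new suffix must already be registered as an alternative UPN suffix,
# otherwise the accounts end up with a suffix the forest does not know.
$forest = Get-ADForest
if ($forest.UPNSuffixes -notcontains $newSuffix) {
    throw "UPN suffix '$newSuffix' is not registered in forest '$($forest.Name)'."
}

# Find every user still carrying the old suffix.
$pattern = "*@$oldSuffix"
$users = Get-ADUser -Filter 'userPrincipalName -like $pattern' -Properties userPrincipalName

foreach ($user in $users) {
    $localPart = ($user.UserPrincipalName -split '@')[0]
    $newUpn    = '{0}@{1}' -f $localPart, $newSuffix

    # A UPN must be unique in the forest; skip and report any collision
    # instead of failing halfway through the batch.
    $clash = Get-ADUser -Filter 'userPrincipalName -eq $newUpn'
    if ($clash) {
        Write-Warning "Skipping $($user.SamAccountName): $newUpn is already used by $($clash.SamAccountName)"
        continue
    }

    # -WhatIf prints the intended change without writing to the directory.
    Set-ADUser -Identity $user -UserPrincipalName $newUpn -WhatIf
}
```

Review the `-WhatIf` output and the collision warnings before removing `-WhatIf`, since a changed UPN changes the sign-in name the user gets in Entra ID.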