Change UPN in AzureAD with Microsoft Graph

Hi All,

If “synchronizeUpnForManagedUsersEnabled” is enabled in the Directory Synchronization Features, the UPN of a synchronized Account wil be transferred to Azure AD, as long it is a registered Domain in Azure AD.

Sometimes you get into the Situation where you need to change the UPN Suffik of a synchronized Object.

In this Article i’ll show you how to change the UPN in AzureAD with PowerShell.

Active Directory

As an Example i have a user with an UPN Suffix that is not a registered Domain in AzureAD

Azure AD

Registered Domains in Azure AD

The user will get the UPN Suffix of the default Domain (tenant.onmicrosoft.com)

MSOL

You will find plenty of Articles that use the “Set-MsolUserPrincipalName” Commandlet.

But be aware that Microsoft has announced the depreciation of MSOL and AzureAD Commands until June 2023 and extended it lately to March 2024.

Connect and get User with the MSOnline PowerShell Module

Connect-MsolService
Get-MsolUser -UserPrincipalName demo03@icewolfch.onmicrosoft.com

Update the UPN with the Set-MsolUserPrincipalName

Set-MsolUserPrincipalName

Set-MsolUserPrincipalName -UserPrincipalName demo03@icewolfch.onmicrosoft.com -NewUserPrincipalName demo03@icewolf.ch
Get-MsolUser -UserPrincipalName demo03@icewolf.ch

Microsoft Graph

Better way is to use the Microsoft.Graph PowerShell Module

Get-MgUser

Connect-MgGraph -Scopes user.readwrite.all
Get-MgUser -ConsistencyLevel eventual -Count userCount -Filter "startsWith(DisplayName, 'Demo03')"

Update the UPN with Update-MgUser Commandlet

Update-MgUser

Update-MgUser -UserId ee82efe8-8497-469d-aadd-ada271f70912 -UserPrincipalName demo03@icewolf.ch
Get-MgUser -UserId ee82efe8-8497-469d-aadd-ada271f70912
Get-MgUser -UserId demo03@icewolf.ch

Regards
Andres Bohren