Office 365 Management – Account Renames or Getting Married

Posted on

For those administrators who are using Active Directory Synchronization to bring all your users, contacts and groups into Office 365, you may have found that when someone gets married and for example has their last name changed, managing this in Office 365 may be tricky.  Here are the steps needed to properly manage this scenario:

Name Change/Getting Married

When someone’s last name changes, from Smith to Clark, either a request is sent requesting a last name change or the user is given a tool where they can change this themselves.  Once changed in Active Directory, DirSync will pick this change up and attempt to update the online company user’s last name information.

However in addition to simply a last name change, users typically change their login information (i.e. old: | new: along with their email address.  Hopefully the users User Principal Name (UPN) and Email address are the same, if not that is another story, but lets continue.

So the user has her last name, UPN and Email Address changed within Active Directory and expects these updates to flow into the Online company, so the user will be seen with the new information within SharePoint, Outlook/OWA, etc.

Directory Synchronization Operations

Directory Synchronization WILL synchronize the lastName attribute and value along with email address changes HOWEVER the login UPN update will not be synchronized.  This means the user’s email and friendly “last name” display will be updated however the user’s old login UPN ( will not be changed.


Use Microsoft Online for Windows PowerShell to change the activated online user’s UPN to match the users email address.  Once complete, the users UPN, Email and potentially SIP (Instant Messaging – If enabled for IM) will now be the same and allow the user one address they have to manage!

Windows Online PowerShell

Set-MsolUserPrincipalName The Set-MsolUserPrincipalName cmdlet is used to change the User Principal Name (user ID) of a user. This cmdlet can be used to move a user between a federated and standard domain, which will result in their authentication type changing to that of the target domain.

Whatcha thinkin?

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s