One of the requirements for a recent Office 365 migration project was to convert all user’s UPNs to match their primary SMTP email address.
The reason for this is that once you have synced all your on-premise AD objects to Azure AD via AAD Sync Office 365 will use the UPN as the logon format for your users. If this simply matches the users email address it makes like much easier.
There are various ways of doing this but I found the safest and way I like the best to be a technet gallery script from here.
The script is as below, I ran it on one of my DCs. It will prompt you for the DN of the OU of the users that you want to convert. You can find the DN of your OU in the Distinguished Name attribute of it in AD.
param ( [Parameter(mandatory=$true)] [string] $OU ) Import-Module ActiveDirectory foreach ($user in (Get-ADUser -Filter * -SearchBase $OU)) { $userdetails = $user | get-aduser -properties * $user | set-aduser -UserPrincipalName $userdetails.EmailAddress }
If you want to run a report to show which user’s UPNs do not match their primary email address use the below. Again, you will be prompted for an OU to run the report on (make this your top-level user OU for all users).
param ( [Parameter(mandatory=$true)] [string] $OU ) $logpath = "c:\temp" Get-Mailbox -OrganizationalUnit $OU -ResultSize Unlimited | Select DisplayName,Alias,UserPrincipalName,PrimarySMTPAddress | export-csv -NoTypeInformation "$logpath\Users-UPNs-OU.csv" -append
Hi,
This was good until I discovered that it will reset any user UPN who does not HAVE an email address attribute to be BLANK.
As you can imagine, this could cause all sorts of problems 🙂