My3030
(My3030)
1
I created a new user in my local AD which syncs with my Office 365 Exchange. The guy has the wrong default user name. He’s got various aliases which are set via smtp. The problem is the guys address is guys name@ourserver.onmicrosoft.com Uh that’s the wrong address. I can’t get it to change with Exchange on line since I get the below error
The operation on mailbox “guys name” failed because it’s out of the current user’s write scope. The action ‘Set-Mailbox’, ‘EmailAddresses’, can’t be performed on the object ‘guys name’ because the object is being synchronized from your on-premises organization. This action should be performed on the object in your on-premises organization.
I can’t figure out in my local active directory where this guys “onmicrosoft.com” address is coming from our how to edit it. I get the above error which essentially points me back to my local AD but ;where the heck is it. I haven’t found it in extended attributes.
This is the FIRST guy I created in AD locally and then Exchange online he was not migrated from our former Lotus Notes system.
So I’m stumped for the moment as to how to change this guys primary address to the one he wants and not the "onmicrosoft.com’ one that he has now. Various smtp aliases work right but it’s the wrong address for reply and in the online Exchange address book
9 Spice ups
You aren’t running a hybrid environment where you have an on prem exchange hybrid server are you?
My3030
(My3030)
3
Exchange server is MS hosted blissfully not on prem. Sync in theory is local AD to cloud. I didn’t set it up and the mail admin’s on vacation in Poland… LOL so I’m figuring it out.
Have you performed the schema extension for Exchange?
Some of the Exchange related attributes that you will need for dealing with Office 365 are only found in Active Directory when you have exchange installed.
look at Exchange Download to Extend Schema for Office 365
This will open up some additional attributes.
Also on the General Tab of the AD User, put the users email address into the Email Field and also make sure that on the Account Tab the user login name matches the email (including the suffix)
Neally
(Neally)
5
I’d look at the proxyaddresses, either in ADSI, or PowerShell / Attribute Editor
Get-ADUser -Identity $thatguy -properties proxyaddresses |
select -expandproperty proxyaddresses
Oh so it has the wrong email listed in the GAL ?You probabaly need to update the Primary SMTP address ( primary is where the SMTP is capitalized), again, check the proxyaddresses.
EDIT: Ugh shpellynk
2 Spice ups
So, simply put, your Office 365 is synced with your local AD, and will not accept changes made in the portal.
So you must make the change in your local AD.
This one seems to sum it up nicely: How to change SMTP address in O365 with DirSync & ADFS enabled
2 Spice ups
Quickest solution is:
Go to Active Directory Users and Computers
Go to View (i think), Advanced Features
Go to User account
Go to Attribute Editor
Edit Proxy Address to:
SMTP:user@domain.com
smtp:user@tenent.onmicrosoft.com
smtp:user@anyother.alias
6 Spice ups
What’s their UPN (User Principal Name)? Make sure it matches your email domain.
Otherwise, as others have mentioned, I’d check the ProxyAddress under the Attribute Editor tab for the user account (you’ll need to turn on Advanced View in AD Users & Computers).
2 Spice ups
This and also make sure the email field in AD is correct.
So I don’t think the solution presented here goes all the way. Specifically, using the above method does NOT update the O365 UserName. To update the username, follow these additional steps:
-
Open PowerShell
-
Connect to the online service with the following commands:
$msolcred = get-credential
connect-msolservice -credential $msolcred
(Note: Enter your Office 365 credentials when prompted)
-
Enter the command to update the user name:
Set-MsolUserPrincipalName -UserPrincipalName mary.osgood@contoso.onmicrosoft.com -NewUserPrincipalName mary.smith@contoso.com
(note: update the fields in BLUE with the old username and new username)
16 Spice ups
you solved my issue, thanks
2 Spice ups
Nick, you saved my bacon - thank you so much!!!
turcoloco
(turcoloco)
13
Nick8073’s solution was the only one that actually worked for me. Our environment is Exchange-O365 Hybrid environment with AD Sync in place. User account was created with wrong name in AD so the UPN/Username on OAC was pointing to the wrong email address. Even after correcting everything in user’s AD profile including Attributes tab and syncing, it never corrected the issue on o365. Tried everything I could think of but failed (got the same error or the info never updated).
Running this script then re-syncing resolved the issue. Cheers!
I had this same issue when we migrated to O365; I just couldn’t figure out where that onmicrosoftonline.com address was coming from. Here’s what I learned about it. All users get an onmicrosoft.com username when synced to Azure AD; you can see it if you look at the user profile in your O365 Admin console for Active Users. It’s so that if they don’t have an email address set in the E-mail field on the general tab in the local AD profile, the user still has a username to log in to the web portal to access all products the user is licensed to use. If that field is set, the user listing in Active Users in the Admin console will show both the onmicrosoftonline.com address and the user’s email address with the user being able to use either one to log in to O365. You do still have to use the proxyAddresses field in the local AD profile to set email aliases because the Azure AD profile cannot be edited unless you have Write Back licensing due to the sync. If you make changes to the local profile, you may also have to use the Azure GUI to do a resync. It’s found in the install location for the AD Sync client, C:\Program Files\Microsoft Azure AD Sync\UIShell\miisclient.exe if you use the defaults. I still have to look up the options for the resync; so, unfortunately I can’t tell you that off the top of my head. Took me about 3 weeks to figure that one out because I didn’t have access to (read: didn’t know about at the time) the Spiceworks community.
jimbarr2
(jimbarr2)
15
Nothing but red…
- "a positional parameter cannot be found that accepts argument ‘first.last’"
I am able to see the username’s complete change in AD. Alias is still wrong and cannot be changed (3 levels up Microsoft’s support stack over 2 weeks - this is hardcoded, cannot be changed, and is immutable.
All changes have been made throughout AD and the email address (the new one) works, is bold in proxyAddresses, and is reflected all throughout Attribute Editor. When email arrives from this person, still has wrong display name despite being correct in AD, Exchange Admin Center, and everywhere else I can find it.
I’ve seen this before and never been able to get it right twice. Now, when we discover new employees whom HR got the name wrong, we simply delete the AD account and start over. No BS in this method, no Powershell, no weird scripts, nothing.
dyoung
(Damien665)
16
I had the following issue when locating the “attributes” tab.
If you are having issues seeing the attribute tab - it wont show up if you search for the user via the “find users” toolbar button in AD. Selecting properties when doing this for some reason doesn’t display the “attributes” tab.
You need to locate the user in their OU manually - then you can right-click - select “properties” - then you will be able to see the “attributes” tab.
That worked like a charm, thank you!
Thanks Nick! This resolved the issue for me. We already had the email alias figured out, but couldn’t update the actual username in O365. We thought when we updated it in AD it would update it in O365, sadly, not the case.
derekjoy
(Derek8110)
19
This fixed my problem a while back i.e. change proxyaddresses to SMPT:email@domain.com for primary address under attribute editor in AD. Also set this address under the general tab. Now something has changed and I have several users showing as onmicrosoft.com on synch’d Microsoft 365. Has there been an update recently that could’ve compromised this, does anyone know please?
richkav
(RichKav)
20
I’ve used the Powershell command detailed above before to fix previous issues with Azure AD usernames (thanks @nickaddison ) but interestingly I’ve today been given an issue where someone created a username with an apostrophe in it and the command doesn’t work as it doesn’t like the apostrophe!
