{"id":168,"date":"2019-04-03T15:42:03","date_gmt":"2019-04-03T15:42:03","guid":{"rendered":"http:\/\/www.scheh.com\/?p=168"},"modified":"2020-03-03T09:22:02","modified_gmt":"2020-03-03T14:22:02","slug":"changing-username-on-office-365-with-adsync-and-mfa","status":"publish","type":"post","link":"https:\/\/www.scheh.com\/index.php\/2019\/04\/03\/changing-username-on-office-365-with-adsync-and-mfa\/","title":{"rendered":"Changing Username on Office 365 with ADSync AND MFA"},"content":{"rendered":"\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\t\t\t\t

<\/p>\n

I have a client that uses adsync to sync their local active directory with their office365 azure directory. I also have multi factor authentication, via the IOS Microsoft Authenticator, enabled for the administrator account. On a Windows 10 computer, here are the steps I have to perform to change a username locally and on office365.<\/p>\n

<\/p>\n

<\/p>\n

On a local domain controller:<\/p>\n

<\/p>\n

<\/p>\n

Change the username in active directory. I also change the Email address on the general tab and the proxyaddress on the attributes tab (you must have advanced features under view enabled in the ADUC MMC to see this tab).<\/p>\n

<\/p>\n

<\/p>\n

On the AzureADSync computer\/server:<\/p>\n

<\/p>\n

<\/p>\n

Run the powershell command:<\/p>\n

<\/p>\n

<\/p>\n

Start-ADSyncSyncCycle -PolicyType delta<\/pre>\n
<\/p>\n
<\/p>\n
On a Windows 10 management computer:<\/p>\n
<\/p>\n
<\/p>\n
Using Internet Explorer, go to https:\/\/outlook.office365.com\/ecp\/?rfr=Admin_o365&exsvurl=1&mkt=en-US<\/a> (Exchange Admin Center under the office 365 admin portal), click on Hybrid, click on the bottom link to download and install The Exchange Online PowerShell Module (second button).<\/p>\n
<\/p>\n
<\/p>\n
Using the new Exchange Online PowerShell Module, run the following powershell commands (the last two connects require MFA; you don’t necessarily need all of this, but i use it to make sure i can perform all the commands i need at the time)<\/p>\n
<\/p>\n
<\/p>\n
install-module msonline
install-module azuread
import-module msonline
import-module azuread
Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force
$exchangeSession = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri \"https:\/\/outlook.office365.com\/powershell-liveid\/\" -Credential $credential -Authentication \"Basic\" -AllowRedirection
Import-PSSession $exchangeSession -DisableNameChecking
connect-exopssession
connect-msolservice<\/pre>\n
<\/p>\n
<\/p>\n
Now you\u2019re authenticated and can change the user principal names to match your local active directory changes:<\/p>\n
<\/p>\n
<\/p>\n
set-msoluserprincipalname -userprincipalname oldupn@domain.com -newuserprincipalname newupn@domain.com<\/pre>\n
<\/p>\n
<\/p>\n
To do the same thing in the future, start the Exchange Online PowerShell Module, run the two connects and then you can run the set-msoluserprincipalname.<\/p>\n
<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"
I have a client that uses adsync to sync their local active directory with their office365 azure directory. I also have multi factor authentication, via the IOS Microsoft Authenticator, enabled for the administrator account. On a Windows 10 computer, here are the steps I have to perform to change a username locally and on office365. […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"advanced_seo_description":"","jetpack_seo_html_title":"","jetpack_seo_noindex":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2},"jetpack_post_was_ever_published":false},"categories":[1],"tags":[],"class_list":["post-168","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p3eyIP-2I","_links":{"self":[{"href":"https:\/\/www.scheh.com\/index.php\/wp-json\/wp\/v2\/posts\/168","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.scheh.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.scheh.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.scheh.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.scheh.com\/index.php\/wp-json\/wp\/v2\/comments?post=168"}],"version-history":[{"count":0,"href":"https:\/\/www.scheh.com\/index.php\/wp-json\/wp\/v2\/posts\/168\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.scheh.com\/index.php\/wp-json\/wp\/v2\/media?parent=168"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.scheh.com\/index.php\/wp-json\/wp\/v2\/categories?post=168"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.scheh.com\/index.php\/wp-json\/wp\/v2\/tags?post=168"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}