skip to Main Content

Change Users UPN with Powershell

You want to synchronize your on-premises users, for example with O365. Before you do that, make sure that the UPN of the Users in Active Directory (AD) is configured. In this article, you will learn how to add a UPN suffix and how to change the UPN of the AD Users with PowerShell.

Information

Any UPN that contains a non-routable domain, for example, john.doe@local, will be synchronized to a .onmicrosoft.com domain, like john.doe@alitajran.onmicrosoft.com. That is not how it should. If you currently use a .local domain for your user accounts in Active Directory, it’s recommended that you change them to use a verified domain. For example, john.doe@alitajran.com, to properly sync with your Office 365 domain. That’s how it should.

Add UPN in AD

The first step is to add the UPN suffix in Active Directory.

Click Start and search for Active Directory Domains and Trusts, and click on it. You can also press Windows key + R to open the Run dialog, and then type in domain.msc, and then choose OK.

On the Active Directory Domains and Trusts window, right-click Active Directory Domains and Trusts, and then choose Properties.

Change users upn with powershell properties

On the UPN Suffixes tab, in the Alternative UPN Suffixes box, type your new UPN suffix, and then choose Add. Click OK when finished.

Change users upn with powershell add UPN suffix

The UPN is added successfully.

Add UPN in AD with PowerShell

We can add the UPN suffix in AD with Powershell.

Run PowerShell as administrator. Get a list of the UPN suffixes.

It’s not showing any UPN suffixes, this means that it’s empty. Let’s add the UPN suffix.

Confirm that the UPN suffix is added successfully.

Change UPN for all AD Users

Now that we have set the UPN suffix in AD, we like to change the UPN for all the users in AD.

Let’s first start by getting a list of all the AD Users in the organization.

Change the UPN for all the AD users in the organization. Run the commands one by one.

Confirm that the UPN is changed by running the Get-ADUser cmdlet.

The UPN is successfully changed for all the users in the organization. If you like to change the UPN back to alitajran.local, change the UPN in previous commands.

It’s possible that you have a long list of users and you want to verify if there are no .local addresses in the AD. Get a list of all users with .local UPN suffix. The output should be empty.

Change UPN for AD Users in a specific OU

You don’t have to change the UPN for all the users. It’s possible to change the UPN for a specific OU.

Let’s first start by getting a list of the AD Users in a specific OU. We have an OU named Finance.

Change the UPN for the AD users in the Finance OU. Run the commands one by one.

Confirm that the UPN is changed by running the Get-ADUser cmdlet.

The UPN is successfully changed for the Finance users. f you like to change the UPN back to alitajran.local, change the UPN in previous commands.

It’s possible that you have a long list of users and you want to verify if there are no .local addresses in the AD OU. Get a list of all users with .local UPN suffix. The output should be empty.

Now that the UPN is changed for the users, what if you want to do it automatically? Read more on how to Change Users UPN automatically with scheduled task.

Conclusion

In this article, you learned how to change Users UPN with Powershell. Change all the users in Active Directory or only a selected OU. Did you enjoy this article? If so, you may like the article Install Exchange Server 2016. Don’t forget to follow us and share this article.

ALI TAJRAN

ALI TAJRAN

ALI TAJRAN is a passionate IT Architect and IT Consultant. His specialism is designing and building complex enterprise environments. He started Information Technology at a very young age, and his goal is to teach and inspire others. Connect with ALI TAJRAN on social media. Read more »

This Post Has 0 Comments

Leave a Reply

Your email address will not be published. Required fields are marked *

Back To Top