In a hybrid environment, it makes sense to configure an alternate UPN suffix so that users are not created in Azure AD with the username *.onmicrosoft.com. In this post, I provide a script that allows you to create the UPN suffix and then change all users of an OU to this suffix. Let’s dive in.
These are the settings I am talking about.


Configure Alternative UPN Suffix
If no new Suffix has been created yet, copy the following lines into ISE or Visual Studio Code.
Provide the new UPN Suffix in line 3.
Import-Module ActiveDirectory
# Variables
$newSuffix = "pagr.com"
# Add Domain Suffix
Get-ADForest | Set-ADForest -UPNSuffixes @{Add="$newSuffix"}
Change UPN Suffix for all Users in an OU
Now let’s go for it.
Copy the code and edit lines 3, 4 and 8 to specify the suffixes and the OU of your users.
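# Change UPN bulk
Import-Module ActiveDirectory
$oldSuffix = "pagr.inet"
$newSuffix = "pagr.com"
# -replace uses regex: escape the old suffix and match it only after "@" at the end of the UPN
$pattern = "@" + [regex]::Escape($oldSuffix) + '$'
# OU that contains the users to change
$ou = "OU=Technicians,DC=pagr,DC=inet"
Get-ADUser -SearchBase $ou -Filter * | ForEach-Object {
    # Build the new UPN and write it back to the account
    $newUpn = $_.UserPrincipalName -replace $pattern, "@$newSuffix"
    $_ | Set-ADUser -UserPrincipalName $newUpn -Verbose
}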
Done 😉
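Because the UPN is the sign-in name that gets synchronized to Azure AD, it is worth checking the change before applying it to a whole OU. The following is an added example, not part of the original script: it verifies that the suffix is registered, looks for UPN conflicts, saves the old values for rollback and ends with a `-WhatIf` dry run. The backup path `.\upn-backup.csv` is an assumption.

```powershell
# Added example: plan, check and dry-run the suffix change before touching accounts.
Import-Module ActiveDirectory

$oldSuffix = "pagr.inet"                      # values used in the post
$newSuffix = "pagr.com"
$ou        = "OU=Technicians,DC=pagr,DC=inet"
$backup    = ".\upn-backup.csv"               # assumed path for the rollback file

# 1. The new suffix must already be registered in the forest.
if ((Get-ADForest).UPNSuffixes -notcontains $newSuffix) {
    throw "UPN suffix '$newSuffix' is not registered in the forest."
}

# 2. Plan the change only for users whose UPN really ends with the old suffix.
$pattern = "@" + [regex]::Escape($oldSuffix) + '$'
$plan = @(Get-ADUser -SearchBase $ou -Filter * |
    Where-Object { $_.UserPrincipalName -match $pattern } |
    ForEach-Object {
        [pscustomobject]@{
            DistinguishedName = $_.DistinguishedName
            OldUpn            = $_.UserPrincipalName
            NewUpn            = $_.UserPrincipalName -replace $pattern, "@$newSuffix"
        }
    })

# 3. Stop if a target UPN already belongs to a different account.
#    Get-ADUser queries the current domain only, not the whole forest.
$conflicts = @(foreach ($item in $plan) {
    $upn = $item.NewUpn
    Get-ADUser -Filter { UserPrincipalName -eq $upn } |
        Where-Object { $_.DistinguishedName -ne $item.DistinguishedName } |
        ForEach-Object { "$upn is already used by $($_.DistinguishedName)" }
})
if ($conflicts.Count -gt 0) {
    $conflicts | Write-Warning
    throw "Resolve the UPN conflicts before changing any account."
}

# 4. Keep the old values so the change can be reverted.
$plan | Export-Csv -Path $backup -NoTypeInformation -Encoding UTF8

# 5. Dry run: -WhatIf prints what would change without writing to AD.
foreach ($item in $plan) {
    Set-ADUser -Identity $item.DistinguishedName -UserPrincipalName $item.NewUpn -WhatIf
}
```

Remove `-WhatIf` in step 5 once the output matches what you expect.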