A customer of ours changed the mail domain. So I would like to change the UPN on request of this customer.
Azure B2C blocks this with the error: "Unable to update this user because the user principal name provided is not on a verified domain."
```powershell
# Admin credential for the B2C tenant (placeholder values)
$username = "[email protected]"
$password = ConvertTo-SecureString "sEcReT" -AsPlainText -Force
$psCred = New-Object System.Management.Automation.PSCredential -ArgumentList ($username, $password)

# Current and desired user principal names
$oldUPN = "[email protected]"
$newUPN = "[email protected]"
$tenant = "1234567-1a75-438f-8f2c-1234567"

# Connect to the tenant with both modules
Connect-MsolService -Credential $psCred
Connect-AzureAD -TenantId $tenant -Credential $psCred

# Rename the user; this is the call that fails with the error above
Set-MsolUserPrincipalName -UserPrincipalName $oldUPN -NewUserPrincipalName $newUPN -TenantId $tenant
```
The only option I see is to add the customer domain as a verified domain, but that is inconvenient in a B2C scenario, as most of the users self-registered.
Any workaround? Any --force attribute, either to change the UPN or to verify a custom domain?
As you already found, UPNs need to include a validated domain. It should not affect any user, being Azure AD or consumer, local or federated.
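
A pre-flight check for the constraint described in the answer, as an added example that is not part of the original thread: it tests whether the domain part of a target UPN is among the tenant's verified domains before any rename is attempted. The function name `Test-UpnDomainVerified` and the sample domain objects are made up for illustration; on a live tenant the list is assumed to come from `Get-MsolDomain`.

```powershell
# Added example (not from the thread): check a target UPN against verified domains.
function Test-UpnDomainVerified {
    param(
        [Parameter(Mandatory)][string]$UserPrincipalName,
        # Objects with Name and Status properties, as Get-MsolDomain returns them
        [Parameter(Mandatory)][object[]]$Domains
    )
    # A UPN is local-part@domain; reject anything without exactly one '@'
    $parts = $UserPrincipalName.Split('@')
    if ($parts.Count -ne 2 -or -not $parts[0] -or -not $parts[1]) {
        throw "Not a valid UPN: '$UserPrincipalName'"
    }
    $suffix = $parts[1]
    # Only domains whose status is Verified may appear in a UPN
    $verified = $Domains |
        Where-Object { $_.Status -eq 'Verified' } |
        ForEach-Object { $_.Name }
    # -contains compares strings case-insensitively, matching domain-name semantics
    return [bool]($verified -contains $suffix)
}

# Constructed sample data standing in for Get-MsolDomain output
$sampleDomains = @(
    [pscustomobject]@{ Name = 'contoso.onmicrosoft.com'; Status = 'Verified' }
    [pscustomobject]@{ Name = 'newmail.example';         Status = 'Unverified' }
)

foreach ($upn in 'jane@CONTOSO.onmicrosoft.com', 'jane@newmail.example') {
    if (Test-UpnDomainVerified -UserPrincipalName $upn -Domains $sampleDomains) {
        Write-Output "$upn : domain is verified, the rename can proceed"
    } else {
        Write-Output "$upn : domain is not verified, the rename would be rejected"
    }
}

# Against a live tenant (assumes an existing Connect-MsolService session):
#   $domains = Get-MsolDomain -TenantId $tenant
#   if (Test-UpnDomainVerified -UserPrincipalName $newUPN -Domains $domains) {
#       Set-MsolUserPrincipalName -UserPrincipalName $oldUPN -NewUserPrincipalName $newUPN -TenantId $tenant
#   }
```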