[ez-toc]

Before ADConnect installation add the UPN Suffix

In this post we Use PowerShell to change the UPN suffix for all of your users, this will be useful for configuration for AD Connect prerequisite – Powershell Script to change UPN for All Users.

Step 1: Add the new UPN suffix

1. On the AD DS domain controller, in the Server Manager choose Tools > Active Directory Domains and Trusts.Or, if you don’t have Windows Server 2012Press Windows key + R to open the Run dialog, and then type in Domain.msc, and then choose OK.
2. In the Active Directory Domains and Trusts window, right-click Active Directory Domains and Trusts, and then choose Properties.

   

3. On the UPN Suffixes tab, in the Alternative UPN Suffixes box, type your new UPN suffix or suffixes, and then choose Add > Apply.

   

   Choose OK when you’re done adding suffixes.

Change the UPN suffix for existing users Powershell Script

The below script can be used to change the UPN for all users.
Replace Testdomain.local with your actual onprem Domain Name.
Replace Paddymaddy.com with your target domain name

Use PowerShell to change the UPN suffix for all of your users

$LocalUsers = Get-ADUser -Filter “UserPrincipalName -like ‘*testdomain.local'” -Properties userPrincipalName -ResultSetSize $null
$LocalUsers | foreach {$newUpn = $_.UserPrincipalName.Replace(“@testdomain.local”,”@paddymaddy.com”); $_ | Set-ADUser -UserPrincipalName $newUpn}