A customer of ours changed their mail domain, so I would like to change the UPN at this customer's request.

Azure B2C blocks this with the error: "Unable to update this user because the user principal name provided is not on a verified domain."

    # Build a PSCredential for the tenant admin account
    $username = "admin@tenant.onmicrosoft.com"
    $password = ConvertTo-SecureString "sEcReT" -AsPlainText -Force
    $psCred = New-Object System.Management.Automation.PSCredential -ArgumentList ($username, $password)
    # Current and requested user principal names
    $oldUPN = "user@someoldcompany.com"
    $newUPN = "user@tsomenewcompany.org"
    $tenant = "1234567-1a75-438f-8f2c-1234567"
    # Sign in to both modules (once each)
    Connect-MsolService -Credential $psCred
    Connect-AzureAD -TenantId $tenant -Credential $psCred
    # This call fails with the "not on a verified domain" error quoted above
    Set-MsolUserPrincipalName -UserPrincipalName $oldUPN -NewUserPrincipalName $newUPN -TenantId $tenant

The only option I see is to add the customer domain as a verified domain, but that is inconvenient in a B2C scenario, as most of the users self-registered.

Any workaround? Any --force attribute, either to change the UPN or to verify a custom domain?

Tobi

1 Answer

As you already found, UPNs need to include a validated domain. It should not affect any user, being Azure AD or consumer, local or federated.

AlfredoRevilla-MSFT
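A pre-flight check for the rule stated in the answer, as an added example that is not part of the original question or answer: it reports which planned UPNs the tenant would reject before `Set-MsolUserPrincipalName` is called. `Test-UpnRename` is a hypothetical helper name, and the verified-domain list and planned UPNs are constructed sample data reusing the placeholders from the question.

```powershell
# Added example. Test-UpnRename is a hypothetical helper, not an MSOnline cmdlet.
function Test-UpnRename {
    param(
        [Parameter(Mandatory)][string]$NewUpn,
        [Parameter(Mandatory)][string[]]$VerifiedDomains
    )
    # A UPN is local-part@domain; anything else is rejected up front.
    $parts = $NewUpn.Split('@')
    if ($parts.Count -ne 2 -or -not $parts[0] -or -not $parts[1]) {
        return [pscustomobject]@{
            NewUpn = $NewUpn; Domain = $null; Allowed = $false; Reason = 'Malformed UPN'
        }
    }
    $domain  = $parts[1]
    # -contains compares case-insensitively, which suits domain names.
    $allowed = $VerifiedDomains -contains $domain
    [pscustomobject]@{
        NewUpn  = $NewUpn
        Domain  = $domain
        Allowed = $allowed
        Reason  = if ($allowed) { 'Domain is verified' }
                  else { 'Domain is not verified in this tenant' }
    }
}

# Constructed sample data. In a live MSOnline session, read the list with:
#   $verified = (Get-MsolDomain -Status Verified).Name
$verified = @('tenant.onmicrosoft.com')
$planned  = @(
    'user@tsomenewcompany.org',     # new customer domain, not verified
    'user@tenant.onmicrosoft.com',  # tenant's initial domain
    'no-at-sign'                    # malformed input
)

# Only rows with Allowed = True are safe to pass to Set-MsolUserPrincipalName.
$planned |
    ForEach-Object { Test-UpnRename -NewUpn $_ -VerifiedDomains $verified } |
    Format-Table -AutoSize
```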