Question
What is the procedure for changing a user's Microsoft 365 UPN (Microsoft 365 ID) on HENNGE Access Control?
Answer
The procedure varies depending on the configuration of the introduction and the method of account synchronization, so please refer to the following.
Notes
If you are unsure about the synchronization configuration, please send the HENNGE One Directory Sync module configuration file to HENNGE Customer Success Guide for confirmation.
The path to the HENNGE One Directory Sync configuration file is as follows.
C:\Program Files\HDE One Directory Sync\config.ini
If synchronizing to Entra ID from Active Directory * User recreation will not occur
1. Stop the HENNGE One Directory Sync module service (only for automatic execution)
2. Change the [User Logon Name] (UPN) on Active Directory
If you have a standard configuration, "attr_upn=userPrincipalName" is described in the config.ini file.
If not, please consult the HENNGE Customer Success Guide.
3. Start the HENNGE One Directory Sync module service (only for automatic execution)
If the key for identifying user accounts in the internal Active Directory and HENNGE Access Control is "UPN" (if there is a description key=UserPrincipalName in the config.ini file),
accounts with the old UPN will be automatically deleted by the synchronization process, and accounts with the new UPN will be automatically created.
If synchronizing to Entra ID from HENNGE Access Control * Recreation of HENNGE users will occur
1. Check the scheduled execution time of the cloud-based user synchronization tool
Since the cloud-based user synchronization tool synchronizes once per hour, please check the synchronization execution time in advance.
Reference: Check synchronization logs (modern view)
If there is a possibility that the work will not be completed by the next scheduled synchronization, we will stop the synchronization on our side,
so please request a synchronization stop to HENNGE Customer Success Guide before proceeding to 2.
* If a scheduled synchronization occurs during the work, unintended user deletions or creations may occur.
If it is expected that the work will be completed by the next synchronization, proceed to 2.
2. Change the Microsoft 365 ID (UPN) from the Microsoft 365 admin center
Reference: Please check the following help center if you want to change UPN with PowerShell command.
Change objects other than users' UPN to the onmicrosoft.com domain
3. Delete user accounts with the old Microsoft 365 ID (UPN) on HENNGE Access Control
4. Create user accounts with the new Microsoft 365 ID (UPN) on HENNGE Access Control
Reference: HENNGE Access Control Administrator Help
5. Wait for the cloud-based user synchronization tool to run periodically, or manually execute [Data Sync]
Please wait for the next scheduled synchronization or manually perform [Data Sync].
Reference: User synchronization from HENNGE Access Control to Microsoft 365
If you have requested a synchronization stop at 1-1, you can also request a resumption.