On Demand Migration Active Directory replaces the email address and/or userprinciplename with the replacement domain name when the domain is removed that is under move. If the replacement address already exists in the directory, the domain move process will generate an error and alert migration administrators. An administrator can use the following PowerShell script to find objects that still have the domain name attached and perform any remediation needed.
Get-AzureADUser -All:$true | where { ($_.ImmutableId -ne $null) -and (($_.UserPrincipalName -like '*xxx.com') -or ($_.Mail -like '*xxxx.com') -or ($_.ProxyAddresses -like '*xxx.com')) } | select "UserPrincipalName", ImmutableId
On Demand Migration Active Directory removes the domain name from hybrid users by making changes to Active Directory on-premise objects. After the objects are updated on-premise, these changes must be synced to Microsoft Entra ID. Verify the changes are correctly synced to the cloud from the Microsoft Entra ID Sync log.
Yes, however, the Global Administrator role must be added back to the account during an active domain move as it is required to remove the domain from the source tenant and add it to the target tenant.
Yes, you can use On Demand Migration Active Directory to move your domain, but you will need to manually remove the domain from source tenant and add the domain to the target tenant at the appropriate time. The Domain Move project will alert you that it is unable to automatically remove the domain due to a lack of permissions, at that point you may manually remove and add the domain. Once you have completed these steps, you may skip to the add email addresses step by click on the Skip button.
© 2024 Quest Software Inc. ALL RIGHTS RESERVED. Terms of Use Privacy Cookie Preference Center
