Summary


An account has been placed in deleted users (which contains the users mail) but a new account has been synced to 365 with the same email address.



Cause


This could be caused by an IAM Cloud sync problem or the user could have been accidently or purposely deleted from active users. 





Solution


As the user accounts have the same email address you need to remove the newly created one from active users into deleted users and restore the original.


This happened at Corsham after a recent outage:


Deleted users:


e11QfC_e5I-A18YXZqKWo5XBVd7qTNN_tQ.png



Active users:




nSQYylX472Yb87VzYVPzPHPBNoc_OmtedA.png

Step 1


First we need to rename the new account in active users. You can do this in Azure PowerShell with the command:


PS C:\WINDOWS\system32> connect-msolservice
PS C:\WINDOWS\system32> Set-MsolUserPrincipalName -UserPrincipalName example@someone.com -NewUserPrincipalName example1@someone.com


So what I did was place a '1' after the name in the email address. In the example above it would be:


Set-MsolUserPrincipalName -UserPrincipalName staff-bma@corsham.wilts.sch.uk -NewUserPrincipalName staff-bma1@corsham.wilts.sch.uk


You can check it has worked by running get-msoluser -userprincialname example1@someone.com


Step 2


You need to delete this account from active users with Remove-MsolUser -UserPrincipalName example1@someone.com


Step 3


Restore the account from deleted users


sCMorU-sJccVAUcb4OW2AyFzkCuhvETbIA.png

Step 4


On HFIM run a full import full sync on the customers 365 connector:



Pl6F2k4RfNx5-RQFSVOUwADBfE_jIa7G2Q.png


This joins the account to the one in FIM. Double check it in the meta verse search. If it's a big customer check with a senior member of the team first if a full import full sync can be run during working hours.


Step 5


Once the customer has confirmed all is ok delete the account from the recycle bin in 365 using Remove-MsolUser -UserPrincipalName example1@someone.com -RemoveFromRecycleBin