<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeCommunityForum
0D50Z00008C3jZISAZOkta Classic EngineOkta Integration NetworkAnswered2024-04-17T11:50:20.000Z2017-09-13T16:07:34.000Z2018-08-12T04:14:20.000Z

b9vx3 (b9vx3) asked a question.

Edited by varun.kavoori1.5210444522562532E12 September 5, 2018 at 1:19 AM
Changing login names without changing UPNs in AD
We are currently in an Office 365 hybrid deployment with profiles being mastered by AD.  We recently acquired a new domain name and are working on a transition plan for moving from the old domain to the new one.  The goal would be to give users the ability to sign in with user@new.com rather than user@old.com without changing the UPN that's still on the @old.com domain.  Is there a way to specify an alternate login for users that will authenticate them in Okta as user@new.com but pass the correct authentication information to Office 365 as user@old.com?

 

I've tried changing the UPN for a user and everything appears to work except mobile device email access, which is why I'd like to make this change without changing the UPN if possible.
  • 2 answers
  • 3.08K views

  • andrei.hava (Okta, Inc.)

    Hello Scott,

     

    This can be done by mapping the @old.com UPN to a custom attribute in the Okta Profile and then mapping it to Office 365 using the custom mappings feature of Okta.

     

    If you need more assistance, please don't hesitate to open a support ticket with us.

     

    Best regards,

    Andrei Hava
    Expand Post
    Selected as Best

  • andrei.hava (Okta, Inc.)

    Hello Scott,

     

    This can be done by mapping the @old.com UPN to a custom attribute in the Okta Profile and then mapping it to Office 365 using the custom mappings feature of Okta.

     

    If you need more assistance, please don't hesitate to open a support ticket with us.

     

    Best regards,

    Andrei Hava
    Expand Post
    Selected as Best

  • b9vx3 (b9vx3)

    Would I need to disconnect that user's profile from AD before making that change, or would I simply add an attribute to the user's profile in AD, let it sync to Okta, and then map it to the userID field in Profile Editor for Office 365?
This question is closed.
Loading
Changing login names without changing UPNs in AD