BachittarS.78376 (Customer) asked a question.
Automatic Provisioning Failed Office 365 404
We want to implement Office 365 via Okta to all of our users. I assign the app but provisioning fails with the following error: An error occurred while assigning this app. Automatic provisioning of user USERNAME to app Microsoft Office 365 failed: Could not create user EMAILADDRESS in Office 365, received error: 400 Unable to add this user because a user with the user principal name already exists. The deployment guide states the following when provisioning the O365 app to a user: If Provisioning is enabled in Okta, a user account will be created at the time of assigning the app. If a user already exists in Office 365, Okta will match the users up and maintain the relationship.
We are using the @companyname.onmicrosoft.com. How do I use the custom tab so it uses Firstname.Lastname@companyname.onmicrosoft.com?
Thanks in advance
Hi Bachittar Singh,
With regards to the Office 365 integration there can be numerous reasons for the error you are receiving, the most common is due to an SMTP address being applied for a new user that already exists on another account in O365.
For example you are trying to add John.Doe@domain.onmicrosoft.com with an SMTP address of John.Doe@domain.com and jdoe@domain.com.
However you have an existing user in O365 that has an alias of jdoe@domain.com you will encounter a duplication error as you cannot have the individuals mailbox with the same email as another user.
As such this would require some investigation to identify the duplicate, unfortunately there is no easy way to do this except by using PowerShell. If you review the assignment of the user encountering the issues and then run a PowerShell command to search for the user based on UPN, primary email and Aliases you should find the other account that is causing an issue.
The article below provides numerous PowerShell commands that can be used. Search for "Find Duplicate of SMTP Address" :- https://messageops.com/popular-powershell-scripts-for-office-365-administrators-part-i/
If you are new to PowerShell you will also need to read the following article.
The above is merely a guide to helping you identify the duplicate accounts, however as I do not know how you have your O365 application configured, i.e. importing from AD --> Okta --> O365 or Okta --> O365 along with how you are mapping the profile fields etc. I would strongly recommend raising a ticket with Support so that we can provide more in-depth assistance in resolving the issues you are having with the integration.
To raise a support ticket you can login to the Okta Help Center - https://support.okta.com/help/s/ - and then select the Open a Case button on the top right.
Thanks,
Chris Hancock