AD Domain to AzureAD migration

natrat22 (Newbie, joined 09 Oct 2024)
Posted: 09 Oct 2024 at 6:53am

Hi,

We have successfully done a local AD to AzureAD profile migration. However, in our RMM (Datto) the logged in user still shows as ADDOMAIN\username rather than Azure\username.

It seems to be pulling that from something in the migrated profile and makes things confusing for our staff, who often look at that to quickly tell what kind of domain (or other) a PC is on.

Is there any way to have this reflect correctly? Something that can be changed in the registry for the profiles?

Support (Moderator Group, United Kingdom, joined 09 Nov 2006)
Posted: 09 Oct 2024 at 9:04am

Hi, 

What does whoami report when you are logged on as the target account?

I expect it will also be ADDOMAIN\user?

Was there previously a sync in place between AD and Azure?

This isn't related to the Wizard; you will see the same situation if this user logs on to a computer that was not migrated by the Wizard.

When logging on to the new Azure AD account, you would expect the user name to be azuread\username, not ADdomain\username. If it is ADdomain\username there are known Microsoft issues around this, see https://github.com/MicrosoftDocs/azure-docs/issues/38048  

“After migrating a user from an Active Directory Synced user to an Azure AD cloud user; then Azure AD Joining a device; then signing in with that user and running the command whoami in cmd, I get domain/user. When I create a new user (cloud native) in Azure AD and perform the same Azure AD join process as above, I run the whoami in cmd, and I get AzureAD/user.”

“This is a known gap, that we're reviewing. Even though you have migrated the user from AD to Azure AD, the onprem SamAccountName is still intact on the user object, among other on-prem AD attributes. As a result, Azure AD picks those details and shows domain/user instead of AzureAD/user. This attribute cannot be modified or cleared through Graph APIs at this point, so there's no way to change the behavior.”

We have seen a couple of customers report this, and their feedback from their investigations was that it occurs when AD Connect is being used to sync a user. Their resolution was that they didn't sync users that had AAD/Intune only machines. Information on the post also shows that some people have contacted Microsoft to arrange for the SAM account attributes to be removed from the Azure user objects.

I hope this helps and answers your questions. If you have any further questions, please email us at support@

Many thanks,

Support.
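
An added example, not part of the original thread or ForensiT's tooling: a PowerShell check that sorts Azure AD user objects by whether the on-prem SamAccountName described above is still present, so affected accounts can be listed before devices are joined. The function name Get-OnPremResidue and the sample accounts are constructed for illustration, and the property names are assumed to follow the Microsoft Graph user resource.

```powershell
# Classify Azure AD user objects by the on-prem attributes still stamped on them.
# Property names follow the Microsoft Graph user resource (assumption: they are
# not named in the thread). Get-OnPremResidue is a hypothetical helper name.
function Get-OnPremResidue {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory, ValueFromPipeline)]
        [object]$User
    )
    process {
        $sam    = $User.OnPremisesSamAccountName
        $synced = $User.OnPremisesSyncEnabled -eq $true   # $null/$false => not synced now

        if ([string]::IsNullOrWhiteSpace($sam)) {
            # Cloud-native object: nothing on-prem for the logon name to inherit.
            $state = 'CloudNative';              $expect = 'AzureAD\<user>'
        }
        elseif ($synced) {
            # AD Connect is still syncing this user.
            $state = 'StillSynced';              $expect = 'ADDOMAIN\<user>'
        }
        else {
            # Converted to cloud-only, but the SamAccountName was left behind.
            $state = 'ResidualOnPremAttributes'; $expect = 'ADDOMAIN\<user>'
        }

        [pscustomobject]@{
            UserPrincipalName = $User.UserPrincipalName
            State             = $state
            SamAccountName    = $sam
            OnPremDomain      = $User.OnPremisesDomainName
            ExpectedWhoami    = $expect
        }
    }
}

# Constructed sample objects (not real accounts), shaped like Get-MgUser output.
$sample = @(
    [pscustomobject]@{ UserPrincipalName = 'alice@example.com'; OnPremisesSamAccountName = $null
                       OnPremisesDomainName = $null; OnPremisesSyncEnabled = $null }
    [pscustomobject]@{ UserPrincipalName = 'bob@example.com'; OnPremisesSamAccountName = 'bob'
                       OnPremisesDomainName = 'addomain.example'; OnPremisesSyncEnabled = $true }
    [pscustomobject]@{ UserPrincipalName = 'carol@example.com'; OnPremisesSamAccountName = 'carol'
                       OnPremisesDomainName = 'addomain.example'; OnPremisesSyncEnabled = $false }
)
$sample | Get-OnPremResidue | Format-Table -AutoSize

# Against a live tenant (Microsoft.Graph.Users module, User.Read.All scope):
# $props = 'userPrincipalName','onPremisesSamAccountName','onPremisesDomainName','onPremisesSyncEnabled'
# Get-MgUser -All -Property $props | Get-OnPremResidue | Where-Object State -ne 'CloudNative'
```

Accounts reported as ResidualOnPremAttributes match the case in the quoted GitHub issue: converted to cloud-only, but still carrying the on-prem SamAccountName.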

natrat22 (Newbie, joined 09 Oct 2024)
Posted: 09 Oct 2024 at 9:27am

Indeed they previously were AD to AzureAD synced. Thank you for this fast, comprehensive reply. That makes sense, and it seems like we just have to put up with it short of talking to MS.

Cheers
