Why have the Azure AD account names recently changed the username on Entra ID joined devices.

Noah Grayhek 0 Reputation points
2024-06-25T15:17:01.5966667+00:00

I have noticed that Entra ID Joined devices have changed the username of the "AzureAD" username to be the user FirstLastName. Previously the users local Windows account name was their username but now it is their first and last name combined together without spaces. As an example:

Entra ID upn: Test@domain.com

First name: Test

Last name: User

Original Windows username: AzureAD\Test

New Windows username: AzureAD\TestUser

This has caused problems as we use DUO and that relies on the username to authenticate. Now all of the usernames used to log in have changed and I cannot find a reason why that is.

Windows
Windows
A family of Microsoft operating systems that run across personal computers, tablets, laptops, phones, internet of things devices, self-contained mixed reality headsets, large collaboration screens, and other devices.
4,988 questions
Microsoft Intune
Microsoft Intune
A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.
4,646 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
20,288 questions
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Marilee Turscak-MSFT 35,901 Reputation points Microsoft Employee
    2024-06-26T23:07:52.0666667+00:00

    @Noah Grayhek

    In Windows 11 there is a separate space to "join to Azure AD" rather than only connecting your Microsoft Work account, so you may need to do that to resolve this.

    To login to the Entra ID joined device you need to provide the credentials in the following format:

    AzureAD\user@domain.com

    The AzureAD prefix is mandatory, and the UPN value must match the user's UPN within Azure AD.

    Once the user logs to the device, a local profile will be created, and you can also use the AzureAD\FirstnameLastname format.

    When the user signs into an the Entra ID joined machine, the machine's SAM DB stores the user as "AzureAD*FirstnameLastname,*" similar to how on-prem AD stores it using your AD domain's NETBIOS name and account name.

    If you still have issues, let me know and I would be happy to create a one-time free support case for you to get this resolved. You can reach me at AzCommunity@microsoft.com ("Attn: Marilee Turscak") and provide your subscription ID and a link to this thread.

    If the information helped you, please Accept the answer. This will help us as well as others in the community who may be researching similar questions.

    0 comments