Renaming in AAD | Almost all organizations occasionally end up in the situation where an employee changes their name. This time it was my own turn as I got married and changed my surname! Getting married was awesome but this blog entry will describe my experience of the name change in a Microsoft cloud environment.
In the Microsoft’s cloud environment, most things are easy. It goes quick to put up Power BI reports that you update with your own account, you create a Flow for automating your everyday life, individual employees can create their own apps in PowerApps, they can share files from their OneDrive for Business and so on. All of this is about getting the maximum value from our modern workplace. Let your digital workplace do the job for you!
OK so everything is all fun and games so far. But what happens when you need to make fundamental changes to your account? The key to your identity in a cloud-based world. What happens to all the good things I described just a few sentences ago? Does my fine everyday life turn into a nightmare? Is it perhaps easier to just start with a new account? Should I instead terminate my employment in order to avoid this procedure?
Fortunately, the answer is somewhat anti-climaxed and very mediocre. There are surprisingly few things happening in a name change in Azure Active Directory (AAD). Let’s look for service below.
Restarting the computer. Windows still says Engholm at the login box about 3 minutes after the name change. Allright, so maybe it was a little optimistic by me. It turns out that even the day after, it says my old name at the login screen.
Some things in Microsoft’s cloud services can take up to 7 days to sync, so it may be helpful to inform your users who make a name change that some insignificant places may hold their old name for a few days after the switch.
I land into my familiar environment on the computer. The reboot was just as fast as usual. It takes about 17 seconds from pressing the button until I get to the login screen. Windows Hello recognizes me immediately and another 5 seconds later I am logged in and can start working again. I get shivers thinking about how much valuable time I threw away with waiting for startup computers before Windows 10 and fast hard drives.
My shivers quickly disappear when I open the browser and go to portal.office.com to log in. I end up directly to the sign-in page to fill in my password and see that my new username has been automatically filled in. Smooth!
After filling in my password and responding to an MFA request, I am back inside the portal.
Speaking of the MFA request, the Authenticator app on my phone had also updated itself with my new name already. It has now been a couple of minutes since the name change was done.
In Office Pro Plus, my old name is still at the top. It’s just a display name and does nothing. This also seems to be such a thing that updates itself within a couple of days.
An interesting observation the day after the name change was that I sometimes got Engholm, and sometimes Gullstrand. No direct disturbance and I think most people have better things to do than to stare at that part of the Office package during the days, but there could be questions when changing a name for such a thing.
Everyone who worked with Microsoft knows that Yammer is an important place for information. They manage partner networks and programs from different Yammer networks. For example, we are in the Microsoft High Touch Partner, Windows and EM + S Elite Partner Program where Yammer is the primary site of information exchange. I take the bull by the horns and log in to see if I am forever locked out in the cold.
It has now gone 10 minutes after the name change and there was no problem whatsoever to log on to external or internal networks to Yammer. My display name was Engholm, so I logged in and out again. And that did the trick and Yammer was officially fully functional after the change of name!
Yammer simply worked very well during a name change. My display name would probably just have changed itself after a while, had I done nothing.
I try to open the connection to Planner. Here is my old address and my old display name.
There is a Switch Account button at the top left.
If I click on it, I get a login proposal with my new address. No password was required.
The account name is updated but not the owner name yet.
However, it only turns out to be a purely visual measure. The day after the name change, I checked again and any Flow that had been triggered had automatically switched to my new address.
Flow ends up on the list of services that just seem to be fix itself after a name change! Nice!
Like all rational people, my first thought when I was about to change my name was: “I have to build a PowerApp!”
You who are reading this know of course already the reason to why, but if you are going to describe the purpose to a person who is yet to be convinced of the greatness in the Power Platform, you will have the explanation to forward here.
PowerApps are built by users and then shared by that user to other people or groups. It is therefore an interesting experiment to see if one can open PowerApps after a name change as well as if others can open my PowerApps after the name change. (This is what I tell myself to justify building a new PowerApp).
Instead of just taking an app that I already shared, I was going to test if the old expression for PowerApps really did apply. Once, I’ve called it Disposable Apps. You should be able to come up with an idea, build the app and put it on the same day. Said and done I created an app for insights. In regards of the blog post, I had it translated it into English and improved the look and the graphics a little bit. If you want to test it yourself, the app is available for download on this link! I take no responsibility for the functionality of the app and you install it of course at your own risk.
You can follow this guide to import the app into your own environment:https://powerapps.microsoft.com/en-us/blog/powerapps-packaging/
In summary, PowerApps worked perfectly well after the name change and I didn’t have to update any data sources or reshare apps. The apps that were shared with me also worked perfectly well without any manual handling.
Here I notice nothing at all. What? how can this be? I know just how bad a SIP address change tasted for the Skype experience, but in Teams it seems to have worked fine.
Allright so internally, everything seems like peace and joy. Time to perform the ordeal! I change to another Teams environment as a Guest user.
At first, everything seems to look good, but then I notice how Teams hang out and nothing goes further on. A few seconds later, the application crashed and shut down.
It starts by itself again and upon startup I get a login box. This was not entirely optimal, because now my old address is suggested, and I just need to enter the password.
For the typical end-user, this can be difficult to see, and the risk is great that you simply enter the password and then you don’t understand why it does not work.
I backed up and switched to my new address, filled in the password and logged in. I came back to our internal environment and see that my display name has been changed to the new name at the top right.
Getting back up in the saddle. I switch the environment once again. This time, there was no weirdness at all, but my display name is again back to the old one.
Again, this is one of those things that can take a few days to sync. I have a guest account in AAD with all the clients where I am a guest and it is this account that is still named Engholm. An irritational detail for sure, but it does not affect the experience of the service.
In addition to the display name being old, everything works as before. I am in the same teams as before and can chat without problems.
The Teams app for the mobile was logged in with my old account but worked well anyway. I ended up in a crossroad. Should I try to log out and in manually or wait to see if it would resolve itself?
Afterwards, I wish that I had waited, like most users who just want things to work by themselves, instead of trying to break things as I usually do, just to see what happens. I do not know if this was going to repair itself if you just wait, but I now know that if you’d try to log out and back in again you would be greeted by the old user information.
Again, it’s important to back up one step, switch to the correct username and then move on to the password.
The login went perfect; however, I suddenly encountered the question if I wanted to turn on Notifications from the app.
I have already responded to this setting a long time ago, but something seems to have been restored by the log out and in-process. I accept notifications and come back into the app which now works completely normal again but with both updated account name and display name.
I couldn’t test Skype because I, like everyone at Altitude 365, run Teams Only mode. #WhoUsesSkype2019 #GetIntoTheGame
Before the name change, I booked a meeting with my colleague so that it was booked before the name change but the meeting occurred after the name was changed. Like most others, we run open meetings. If you have the link you can simply connect. This worked like a charm! I had not problem with my meeting what so ever and both myself as well as my colleague could connect after my name was changed.
If, on the other hand, the tenant level decides that the meetings should be closed, you only allow users who have been invited to the meeting itself. In this mode I would have been unable to connect because my address is no longer the same.
When choosing to log in, my new account has now appeared in the list (probably because I first logged into Teams before Power BI).
I didn’t have to enter my password but instead came to this reassuring notification. After this, I got right back into the app and everything worked just as fine as before!
My dashboard on the Apple Watch also works fine. Pooh! The fact that this isn’t the first thing I tested is strange. I am ashamed in silence and avoid eye contact with potentially damning colleagues.
Before anyone has time to notice my little error in prioritizing, I log in to the web at powerbi.com and update one of my reports. This report uses an Excel file in SharePoint as the data source and uses my login credentials as authentication. Without changing any settings, I just click the Update button for the Dataset.
The update is going on for a few seconds and then I get greeted with the fact that everything has gone exactly as it should. No updates to my account were needed here. It feels like it works like with Flow. During the next triggered update of the dataset, the account name is updated automatically.
The conclusion is that Power BI simply wants me well and intends to work flawlessly even after a name change. Turns out Power BI likes me after all!
Now we come to the service that worked worst when changing my name.
You do not have to change your address here if you do not want to, but I think that if you do something you should do it properly. That means changing your OneDrive For business adress/URL as well!
My address in OneDrive was automatically updated after about 30 minutes from the name change. My displayname was updated after about 10 minutes.
After 10 minutes:
After 30 minutes:
After my URL was changed, little surprising, my colleagues no longer have access to the files I shared before renaming. This is a very important part to take into account when you change your name in the AAD! Up to here, you’ve been able to simply inform your users to take precaucion on what their log in name was. All their “problem” so far have been fixable, but for this you have to re share you files and folders again.
After a couple of hours, I get an error message by the client that I am no longer logged in.
Clicking on the icon shows the following.
By clicking on Sign In I get this box on the computer.
Nothing happens when I click on the Sign In button.
Instead, I go into the settings of the app as shown below and select “Add an account”.
Using this guide I’m able to log in. I received MFA twice and then met this error message.
Well okay, it might have been too good to be true. I was a fool to believe that most things would work by themselves after the name change.
I close the box and right click on the OneDrive icon again at the clock.
In a brave attempt to tame the OneDrive app with stubbornness, I click on Sign In again. This time, I seem to be accepted. I logged in and the machinery that updates all my files are beginning to chew.
With this, my name and address were also updated under OneDrive’s account settings.
Windows 10 with OneDrive comes with something called Files on Demand!
Before the name change, I added 3 files of varying importance to one of my OneDrive folders.
As a certified Excel expert, I always get a warm feeling of being able to open my good Excel files at any time, so I set the Excel file as Keep Always on this device.
The word file here was opened once, so it was saved down to my computer temporary.
The text file was far too big to store on the computer, so in order not to ruining myself completely in terms of disc space, I chose to have it in the cloud and only mirror it to the computer.
All this was done as before the name change.
Now that the OneDrive App was resurrected, this also worked fine and my settings were preserved.
Proof that my textfile would be unfit to save on my local disk:
With Bookings you can publish your calendar on the internet so that others can book you for packaged services. It can be to book a cutting time or a workshop.
After the name change you can still book, rebook or cancel through Bookings. It comes to my calendar, but in the texts the old name is also a couple of hours after the change has gone through.
Even the day after the name change, my old name remains. As in previous cases, this is a purely cosmetic detail and does not affect the service itself. In summary I put Bookings on my list of things that works fine after you change your name.
Excel latest opened files
My good Excel file, which I always wanted to save on the device, was included in my list of latest opened files.
The path points to my old URL, with my old name, because the file was in my OneDrive.
Here, you can also see that my displayname is still not updated. Interestingly enough it also looks like I’m logged into OneDrive with the wrong account yet it works fine to open my OneDrive from Office.
I couldn’t open the file this way, and I got an error message. The local version of the file was opened though I was asked to save a copy because the path to the server was not found.
This is again one of those moments where it would be wise to inform your users to preceed with caution. Some people might miss this and work on local copies of files instead of their cloud based ones.
If I closed the file and opened it from the OneDrive folder (the sync that was always keep on this device) then the correct file was opened and under the last opened files, the wrong path was replaced with the new one. To be clear, I opened it from my explorer window, not from the web based OneDrive.
As an overall strategy, it may therefore be advisable to use OneDrive for your personal files (and thus to a rather limited extent) while working with shared files in SharePoint where it is also easier to collaborate with colleagues. Then you are not affected by the individual’s changing their names. Who would have guessed? Using the services the way they are meant to simplfies things. Eyeopening.
Users who often work in their OneDrive should, in connection with a name change, avoid using the latest opened menu for a few days after the actual name change. By opening the files where they are located, this becomes a transient problem.
I noticed very little difference in Outlook. Mail continued to come in normally and I sent out mail just as normal.
When I look in the Sent folder, I see that my last name has been updated for the mail I sent out after the name change. Gradually I saw how my display name also appeared for incoming mail, but my addresses were still old if I searched for myself in the address book.
The reason for this is that the Global Address List (GAL) can take up to 24 hours to synchronize.
The day after the name change, the address book was updated, and the addresses matched my new name.
It doesn’t matter if you use Outlook installed on your computer or the web in regards to the address book.
We obviously made my old SMTP (my primary emailadress for sending out emails) as an alias. This means I can still receive emails on my old address. If you do this, I’d say your users won’t notice the fact that they have new addresses in Outlook and eventually the new address will be spread out again.
- A name change in Microsoft’s cloud environment is overall painless, but if I had to do it again, I would’ve done it at the end of the week instead of on a Monday. It had given 2 free days over the weekend where synchronizations can be carried out in peace.
- It is important to inform your employees that they are supervising which name is proposed when logging in, because some systems seem to have cached data and suggest the old name instead of the new one.
- Users who use OneDrive a lot and share many files from there will have a greater impact than users who work more with shared files in SharePoint. If such a OneDrive lover change his or her name, it might be a good restarting point. instead of just re-share everything, consider moving the files to new areas in SharePoint instead.
- If you have a locked-down environment where meetings only allow participants who are specifically invited to the meeting, consider a more transparent strategy or remember that the person who changes the name must be re-invited to the meetings again.
- Set aside some time after a change of your name so that you can correct any things that are messing with you. It should not take a very long time, but one hour after the replacement, one should perhaps not have the most important meeting of the century scheduled.
- Be chill. Let it pass up to a week after the name change before you expect your name to be corrected everywhere. Purely cosmetic and even if it is wrong, the service will work just as well anyway. When i’m finnishing up this blog post, it’s been over a week and I actually still see my old name in a few places.
So the next time you’re at a wedding and consider to rise your voice as the priest asks the audince to “Speak now or forever hold your peace”, you can calmly just sit back down and relax. Things will be fine!