Change Suffix To AD Security group

You have completed the domain work in relation to your O365 tenancy, however the usernames replicated to AAD are in “username@old” format.

Most organizations have inherited a “username@old-domain.local” suffix. Time goes on and the organization changes its name, amalgamates, etc, for whatever reason, effectively changes its name.

The following script will serve to allow you to run the script ad hoc in order to change the full upn for the usernames in the group with from “username@old-company.local”(no joke intended), through to “” format:

param([string] $group)

Import-Module ActiveDirectory
$newsuffix = ""
$users = get-adgroupmember -Identity $group |Get-ADUser

write-host "The following users are going to be renamed, would you like to procees?"
write-host "The above UPNs are affected." -ForegroundColor Red
$confirmation = Read-Host "Are you Sure You Want To Proceed (y) to format" 
if ($confirmation -eq 'y') {
    foreach ($user in $users)
            Set-ADUser -Identity $user.SamAccountName -UserPrincipalName "$($user.GivenName).$($user.Surname)@$newsuffix"
Sleep 5

Get-ADGroupMember $group | get-aduser | select userprincipalname