Azure AD Connect sync error: FederatedDomainChangeError

When you synchronize identity data from your on-prem Active Directory environment to Azure Active Directory with the Azure AD Connect tool, you might occasionally get an error.

One example is the error: FederatedDomainChangeError


This error typically occurs after you have changed the UserPrincipalName suffix of a user from one federated domain to another federated domain.

For example:
If a user’s UserPrincipalName suffix was updated from: to and both domains ( and are Federated domains then the FederatedDomainChangeError will occur.

To correct this:

  1. Update the user’s UPN in Azure AD from to You can do this with the following PowerShell command with the Azure AD PowerShell module:
  2. During the next sync schedule the UserPrincipalName of the user John will be updated to:
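
The correction in the two steps above, as an added PowerShell example that is not code from the original post. It assumes the AzureAD module with an active `Connect-AzureAD` session, and that the temporary UPN is placed on the tenant's initial (managed) onmicrosoft.com domain; the parameter names and the sample UPN in the comments are placeholders.

```powershell
#Requires -Modules AzureAD
# Added example (not from the original post). Run after Connect-AzureAD.
# Dry run by default; pass -Apply to actually change the UPN.
param(
    [Parameter(Mandatory)] [string] $CurrentUpn,  # placeholder, e.g. john@old-federated.example
    [switch] $Apply
)

# Look up the cloud object that is stuck on the old federated suffix.
$user = Get-AzureADUser -ObjectId $CurrentUpn -ErrorAction Stop
$prefix, $suffix = $user.UserPrincipalName -split '@', 2

# Confirm the current suffix really is a federated domain; otherwise this
# is not the FederatedDomainChangeError scenario and nothing should change.
$domains = Get-AzureADDomain
$current = $domains | Where-Object { $_.Name -eq $suffix }
if ($current.AuthenticationType -ne 'Federated') {
    Write-Warning "$suffix is '$($current.AuthenticationType)', not Federated. No change made."
    return
}

# Assumption: use the tenant's initial *.onmicrosoft.com domain as the
# intermediate, non-federated suffix.
$initial = $domains | Where-Object { $_.IsInitial } | Select-Object -First 1
if (-not $initial) { throw 'No initial domain found in this tenant.' }
$tempUpn = '{0}@{1}' -f $prefix, $initial.Name

# Refuse to proceed if another object already owns the temporary UPN.
# Single quotes are doubled so names like o'brien do not break the filter.
$escaped = $tempUpn.Replace("'", "''")
if (Get-AzureADUser -Filter "userPrincipalName eq '$escaped'") {
    throw "Temporary UPN $tempUpn is already in use."
}

if ($Apply) {
    Set-AzureADUser -ObjectId $user.ObjectId -UserPrincipalName $tempUpn
    Write-Output "Changed $($user.UserPrincipalName) to $tempUpn"
    # The next scheduled sync then writes the new federated suffix. To avoid
    # waiting, run on the Azure AD Connect server:
    #   Start-ADSyncSyncCycle -PolicyType Delta
} else {
    Write-Output "Dry run: would change $($user.UserPrincipalName) to $tempUpn"
}
```

After the next sync, confirm with `Get-AzureADUser -ObjectId` that the UPN carries the intended federated suffix, since the user's sign-in name differs while the temporary value is in place.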

Check out my blog about how to Check and clean your on-prem AD with IdFix before migrating

I hope this was informative. For questions or comments you can always give a reaction in the comment section or contact me:

