Remove old proxyaddress entry for user in azure active directory

Question

We have an application which uses Azure B2C and Azure Active Directory.

Problem: User A wants to set his specific email address. But this is not possible because User B already used this email address before. User B has a proxyaddresses entry for this email, although User B does not use the emailadress anymore.

We tried to remove the smtp entry in proxaddresses for User B:

1. Azure Portal --> Values for ProxyAddresses are not editable
2. Windows Powershell

Connect-AzureAD -TenantId <TenantID>
$User = Get-AzureADUser -ObjectId "<ObjectIDUserB>"
$User.ProxyAddresses //Displays all proxyaddresses(smtpEntries)
$User.ProxyAddresses.Remove("<smtpEntry>")
Set-AzureADUser -ObjectId "<ObjectIDUserB>" //But then there is no parameter for ProxyAddresses to update

Are we missing something here or is there another way to remove a proxyadress entry for a user in azure ad?

Answer 1

Not sure if AAD Powershell can make it. But there is a quick way to do this.

You can log into O365 admin center with an admin account.

Find the User B and click on it. After the user details open, click on Manage username and email.

Then you can click on "···" -> Delete alias to remove the smtp proxaddress.

Answer 2

There is a very simple answer, I fought this for hours today. Simply run a powershell script to add the "smtp" address back to the account that you are showing it was on, then run a powershell to remove it. We had never AD Synced this account... only thing I can think of is when it was removed a while back from Exchange, it got hung up in Azure.

Add:

Set-Mailbox [email protected] -EmailAddresses @{add="[email protected]"}

then Remove:

Set-Mailbox [email protected] -Emailaddresses @{remove="[email protected]"}

Answer 3

ProxyAddresses attribute for a unlicensed cloud-only user is read only unfortunately. There is a hacky workaround that will remove unwanted proxyAddresses for a cloud only unlicensed user though. Those steps are:

1. Soft-delete the user with the bad proxyAddress. Example: [email protected]

2. Create a dummy user [email protected] and update this dummy user's mail attribute with the SAME email that you want to remove from the user soft-deleted in step 1.

3. Using the MSOnline powershell module run the following cmds:

   Connect-MsolService
   Restore-MsolUser -UserPrincipalName [email protected] -AutoReconcileProxyConflicts
   

4. Confirm from Azure AD portal that the proxyAddress [email protected] has now been removed from [email protected] account. From Azure AD portal, you may now delete [email protected].

NOTE: This process is ONLY needed for a unlicensed cloud-only user. If user is a M365 liensed user you can use the M365 admin portal to remove the alias mentioned in another answer. If the user is a synchronized user from on-prem AD, then on-prem AD is the source of authority and you can update proxyAddress there and sync to AAD.