Recently, in working with an educational institution on issues their students were having logging into Office 365 after the mandatory upgrade from Microsoft, we stumbled on a problem and fix that resolved issues many students were having with their account after the upgrade.
With the move to Office 365 to the dismay of many users, Microsoft has decided to split the email portion and Skydrive portion of the services that were under one umbrella of Live@Edu. With this change they are doing some fancy routing in the backend to shift users to either site depending on the service they are trying to get to. Apparently, in this process some institutions upgrades went south and left many with large numbers of students who could not log in.
Take a look at this thread which addresses this issue, however, with no workaround listed: https://community.office365.com/en-us/forums/158/t/111748.aspx
The symptoms that were seen at the institution were that when the student hit the federation server that was located on campus, on successful login, the student was not directed to their Exchange online mailbox and where instead directed to https://login.live.com
No errors were recorded on the federation server from the login attempt, so we knew that federation services was doing the job it was supposed to do. Some users went were they should have gone and the other users were taken to login.live.com.
Above is the screenshot to the command that made all the difference with the issue at the institution. The issue was resolved by running the command to change the User Principal Name of the user to one of the other user principle names that was listed as the available domains of the user, in this case onmicrosoft.com and then setting the UPN back to the institution’s UPN suffix.
|Set-MsolUserPrincipalName -UserPrincipalName [email protected] –NewUserPrincipalName [email protected]then run|
Literally, after running the command on all users hosted with office 365, the logins worked after the UPN was changed and then changed back. Evidently, something happened with the upgrade that corrupted the association with Office 365. Changing the UPN and then back evidently forces a good sync on the account to associate it with the right service.
If determined that the above works, it is easy enough to write a script which will perform this commandlet on all users in the cloud.