AADDS: Remove username collision limitation
Mike Stephens commented
Ha-- I would love to, but this is a constraint of AD DS and is not specific to Azure AD Domain Services. SamAccountName is unique to a domain. UserPrincipalName is unique to the forest. Azure AD Domain Services is a single domain, single forest. Azure AD can store users from multiple forests, which means two users with the same on-premises SamAccountName can exist in Azure AD. As mentioned, Active Directory does not allow this. To allow the user to sync and authenticate to Azure AD Domain Services, we resolve the name conflict. The user can still authenticate using their UserPrincipalName. We'll decline this request.
Senior Program Manager
IAM Core | Domain Services
Rasmus W. commented
Even after giving one user a new username in Azure AD, it still won't sync both users to AADDS.
Please fix or provide guidance as to how to force a new sync of all users.