You have RM Unify AD Sync installed on your network, provisioning to an RM Unify establishment that is federated to Microsoft 365.

You delete and recreate an AD account, for example, jbloggs. The corresponding RM Unify account is deleted and recreated as expected, however, the user receives a new Microsoft 365 account/email address, with a numerically incremented suffix - jbloggs1@stmarys.sch.uk. You wish to re-connect the joebloggs account with their original Microsoft 365 account, jbloggs@stmarys.sch.uk.

The reason for this is best explained by an example.

Active Directory will only ever allow one jbloggs user to exist on the network. You know, for example, that this user is Joe Bloggs. RM Unify AD Sync synchronises your AD accounts to RM Unify and so there will only ever be one jbloggs@stmarys user in RM Unify. RM Unify will provision to Microsoft 365 and create a jbloggs@stmarys.sch.uk account\mailbox.

If Joe Bloggs now leaves the school and the AD account is deleted, the RM Unify account is also deleted and a 'delete' message is sent to Microsoft 365. In reality this is a message to unlicense the Microsoft 365 account and revoke access to it. The actual mailbox will remain in Microsoft 365 for 30 days before being hard-deleted (standard Microsoft behaviour); the Microsoft 365 account itself will be hard-deleted by RM Unify nine months after becoming unlicensed.

If a new user arrives at the school, Jane Bloggs, they are able to get a new jbloggs account created in AD and therefore also in RM Unify. RM Unify is aware, however, that it has previously provisioned an Microsoft 365 user with the account name jbloggs@stmarys.sch.uk, but by using a different AD identifier (objectID). This is a completely different user and so Jane Bloggs must not be given access to Joe Bloggs' mailbox. RM Unify, in the interests of personal data security, will instead create a new Microsoft 365 account with a unique, numeric, suffix, e.g jbloggs1@stmarys.sch.uk.

• an RM Unify super admin account

When an RM Unify user account is deleted, it is, in effect, 'soft-deleted'. At this point, the account itself has been deleted and cannot be used, however, the RM Unify super admin is still able to:

1. view the account - using the Deleted users view in the Users section of the Management Console, and can also
2. choose to 'hard-delete' it from the RM Unify database - using Actions, Hard delete user

When an RM Unify account is hard-deleted, the email address/addresses linked to it (in reality the Microsoft 365 and/or Google account) will also be deleted. This allows the email address to be reused by another RM Unify user account.

1. Log in to RM Unify as a super admin and navigate to the Users page.
2. From the View drop down, select Deleted users.
3. Locate the user account which currently holds the desired email address. Note: if you have a lot of deleted users you can use the main Actions menu on the page to Download all users in the group to a CSV file and search that instead.
4. For the desired, soft-deleted user account, select Actions, Hard delete user, read the warning notice and select OK to accept.
5. After approx. 5-10 minutes refresh the Deleted users page.
6. The user will be removed once the email address has been confirmed as deleted in Microsoft 365. Once the user has been removed, proceed to the next step.
7. Depending on which method you have chosen in your RM Unify establishment to assign email address (via AD Sync, or the Management Console), the desired email address can now be assigned to your RM Unify user.

Please raise a support call with the RM Unify support team with the following request:

RM Unify user <username> needs a Microsoft 365 email address reclaim. The user should be re-connected with <desired Microsoft 365 email address>.

Note: After a 90 day grace period all soft-deleted accounts are hard-deleted (permanently erased) by a scheduled RM Unify maintenance task.

The Restore user option (via the Actions button) is only available for accounts provisioned via RM Unify MIS Sync in Create mode.

To prevent this from happening in future we recommend changing to RM Unify Network Provisioning, which is included in your RM Unify Premium subscription.

With RM Unify Network Provisioning, you can ensure that your cloud and network accounts are always kept in sync, by driving user provisioning via RM Unify MIS Sync in Create mode. RM Unify accounts created from MIS can be used to provision your network accounts, be that Community Connect 4 (CC4) or vanilla, and because the unique identifier for those accounts exists in the cloud already, you will no longer experience 1-appended email addresses for recreated accounts for the same user. The full list of benefits are listed below:

• Simplified provisioning of your cloud (RM Unify, Microsoft 365, Google Workspace, etc.) accounts from MIS.
• Automatic, effortless provisioning of your network accounts.
• Bi-directional password sync - cloud to network/network to cloud.
• Automatic re-assignment of cloud accounts, email, etc. when recreating network accounts (i.e. no more Microsoft 365/Google Workspace email reclaims to log with RM Support).

For more information about the simple transition to RM Unify Network Provisioning, please refer to the following articles:

• RM Unify Network Provisioning: TEC5797903
• RM Unify Network Provisioning: prerequisites and preparation: TEC5797912
• FAQ for RM Unify Network Provisioning: TEC5832777
• Installation services for RM Unify Network Provisioning: TEC6284446