Best Practices for Handling Email Changes in ISC Tenant

selvasanthosh · September 22, 2025, 4:08pm

For Technical Implementation:

Use Business Process Rules (BPR) for email uniqueness validation rather than transforms. This allows real-time validation during provisioning.
Configure Attribute Synchronization properly:
- Go to Admin > Connections > Sources > [Your AD Source] > Account Management > Attribute Sync
- Enable sync for mail, proxyAddresses, and userPrincipalName attributes
Implement ProxyAddresses Strategy:
- Always preserve old email as alias: smtp:old.email@domain.com
- Set new email as primary: SMTP:new.email@domain.com

For Minimizing User Disruption:

Maintain Email Aliases: Keep old email addresses active as aliases indefinitely for legacy application support
Staged Rollout: Implement changes in phases rather than bulk updates
Clear Communication: Notify users well in advance with impact timelines

For Non-ISC Connected Applications:

Create an application inventory to identify systems using email for authentication
Coordinate with application owners for manual updates where needed
Consider implementing a grace period where both emails remain active

Key Documentation References:

Hope this helps!

Topic		Replies	Views
Update Email and ProxyAddress ISC Discussion and Questions identity-security-cloud	3	129	May 18, 2025
Change UserPrincipalName (UPN) ISC Discussion and Questions	2	1581	July 19, 2023
Unique Mail Attribute using Searchable Attributes ISC Discussion and Questions	1	1010	July 19, 2023
Display Name/ Email Update on AD whenever last name changes on Identity Attribute ISC Discussion and Questions workflows , identity-security-cloud , provisioning	5	271	September 27, 2024
IdentityNow LCM state chaging user email notification - and LCM email template ISC Discussion and Questions	3	2213	July 19, 2023