When you attempt to provision OneDrive for a new user in Microsoft 365, the process may fail silently or return an error if the user’s display name or user principal name contains special characters such as &, %, #, +, or accented letters. This failure occurs because OneDrive’s provisioning service cannot parse certain characters in the user object properties that are passed from Azure Active Directory. This article explains why special characters break provisioning, provides step-by-step instructions to resolve the issue, and covers related failure patterns you may encounter.
Key Takeaways: Fixing OneDrive Provisioning for Users With Special Characters
- Azure AD user properties > Name or UserPrincipalName: Remove or replace special characters like &, %, #, +, and accented letters before provisioning OneDrive.
- Microsoft 365 admin center > Users > Active users > Edit name: Update the user’s display name and UPN to use only standard alphanumeric characters and hyphens.
- PowerShell Set-AzureADUser cmdlet: Bulk-edit user names and UPNs for existing users whose provisioning failed due to special characters.
Why Special Characters Break OneDrive Provisioning
OneDrive provisioning relies on the user object in Azure Active Directory. When you assign a OneDrive license to a user or run the provisioning process manually, the service reads the user’s display name and user principal name to create the personal site URL and storage location. The URL format is https://tenant-my.sharepoint.com/personal/displayname_domain_onmicrosoft_com. Special characters such as &, %, #, +, @, and accented letters like é, ü, or ñ are not valid in SharePoint site URLs. The provisioning engine attempts to encode these characters, but the encoding can produce an invalid URL or cause the site creation to fail.
Another common trigger is the presence of a plus sign (+) in the email address or UPN. For example, a user named user+test@contoso.com will cause provisioning to fail because the plus sign is interpreted as a space in URL encoding. Similarly, the ampersand (&) can break the query string parsing during the site provisioning call. The root cause is always the same: the provisioning pipeline expects clean, URL-safe characters in the user object fields.
Steps to Fix OneDrive Provisioning for Users With Special Characters
The fix requires cleaning the user’s display name and user principal name in Azure Active Directory. After making the changes, you must trigger provisioning again. Follow these steps in order.
- Identify the affected user
Open the Microsoft 365 admin center. Go to Users > Active users. Locate the user whose OneDrive provisioning failed. Note the display name and the email address or UPN shown in the list. - Edit the display name
Click the user’s name to open the details panel. Select Manage contact information. In the Name section, remove or replace any special characters. Replace & with and, remove accented letters with their plain equivalents, and delete characters like % and #. Use only letters A-Z, numbers 0-9, hyphens, and spaces. Click Save changes. - Change the user principal name if needed
If the UPN contains a plus sign, &, or other special characters, you must change it. In the same user details panel, select Manage username and email. Under User name, remove any special characters. For example, changeuser+test@contoso.comtouser-test@contoso.com. Click Save changes. Note: Changing the UPN affects the user’s sign-in email address. Notify the user of the new UPN. - Wait for Azure AD sync
After saving, wait 15 to 30 minutes for the changes to propagate across Azure Active Directory and SharePoint Online. If you use Azure AD Connect with on-premises Active Directory, trigger a delta sync from the Azure AD Connect server or wait for the next scheduled sync cycle. - Trigger OneDrive provisioning manually
Go to SharePoint admin center > More features > User profiles. Under People, click Manage user profiles. Search for the user by the new display name or UPN. Select the user and click Create OneDrive. The provisioning process should now complete without errors.
Alternative Method: Use PowerShell to Clean and Provision
For bulk operations or if the admin center does not allow editing the UPN, use the Azure Active Directory PowerShell module.
- Connect to Azure AD
Open Windows PowerShell as an administrator. RunConnect-AzureADand sign in with a Global Admin account. - Get the current user object
Run$user = Get-AzureADUser -ObjectId "user@contoso.com". Replace the email address with the affected user’s current UPN. - Update the display name
RunSet-AzureADUser -ObjectId $user.ObjectId -DisplayName "New Display Name". Use a name without special characters. - Update the user principal name
RunSet-AzureADUser -ObjectId $user.ObjectId -UserPrincipalName "newuser@contoso.com". Use a UPN that contains only letters, numbers, hyphens, and the @ symbol. - Trigger OneDrive provisioning via SharePoint PnP PowerShell
Install the PnP PowerShell module if needed. RunConnect-PnPOnline -Url https://contoso-admin.sharepoint.com -Interactive. Then runRequest-PnPOneDriveProvisioning -User "newuser@contoso.com".
If OneDrive Provisioning Still Fails After Cleaning the Name
OneDrive Provisioning Fails With Error Code -2147024809
This error indicates that the user object still contains an invalid property. Check the Department and Job Title fields in Azure AD. These fields are sometimes included in the provisioning call. Remove any special characters from those fields as well. Then retrigger provisioning.
OneDrive Provisioning Fails for Users With a Plus Sign in Their Email Alias
The plus sign is a common cause of provisioning failure because it creates an ambiguous URL. The only fix is to change the UPN to remove the plus sign. You cannot provision OneDrive for a user whose UPN contains a plus sign. After changing the UPN, the user will sign in with the new address. Ensure that you update any application or service that uses the old UPN for authentication.
OneDrive Provisioning Fails for Users With Accented Characters in Their Name
Accented characters such as é, ü, or ñ are URL-encoded by the provisioning service, but the resulting URL may exceed SharePoint’s path length limit or contain invalid encoding sequences. Replace accented characters with their plain Latin equivalents. For example, change José to Jose and Müller to Mueller. After making the changes, wait for sync and reprovision.
Clean Display Name vs Original UPN: Key Differences for Provisioning
| Item | Clean Display Name | Original UPN With Special Characters |
|---|---|---|
| Character set allowed | Letters A-Z, numbers 0-9, hyphens, spaces | May include &, %, #, +, @, accented letters |
| Provisioning success rate | Nearly 100% | Fails in most cases |
| URL generation | Creates a valid SharePoint site URL | Creates an invalid or unresolvable URL |
| User sign-in impact | No change if only display name is edited | User cannot sign in if UPN is changed without notification |
| Bulk editing method | PowerShell Set-AzureADUser -DisplayName | PowerShell Set-AzureADUser -UserPrincipalName |
After cleaning the user’s display name and UPN, OneDrive provisioning will succeed. The personal site URL will be based on the cleaned name, which guarantees that all SharePoint Online features work correctly. For future user creation, enforce a naming policy that excludes special characters from display names and UPNs to avoid this issue entirely.