Currently we have 'Azure AD Domain Services' activated in our tenant, which is a managed AD through Azure. Data is being synchronised between Azure and the managed AD. We're preparing to migrate away from this solution, so we can go full cloud using Intune and Azure AD as identity provider.
I started testing on migrating some machines for testing. Everything went fine: the machines were 'Azure AD joined' and enrolled using Autopilot. After a while I noticed some (legacy) software was not working as intended. Did some research and I found out the username on the machines was not always in the same format.
For example, the user 'Jason Green'. If this user logs on to our Azure AD-joined machine, the user profile is created as C:\Users\JasonGreen. But if I ask another user (for example: Harry Smith) to log on to that same machine, the user profile is created as C:\Users\h.smith. So there is variation in the user profile name.
Other users experiencing the same:
Because we have software assigning specific settings based on the username, I can't get it to work properly. Users with the format C:\Users\JasonGreen do get the settings, but users with format C:\Users\h.smith do not.
After some more research I also collected the following output from the command dsregcmd /status.
First user logging on to the machine (working situation):
AadRecoveryEnabled : NO
Executing Account Name : AzureAD\JasonGreen, [email protected]
KeySignTest : PASSED
Second user logging on to the same machine (non-working situation):
AadRecoveryEnabled : NO
Executing Account Name : DOMAIN\h.smith, [email protected]
KeySignTest : PASSED
Notice how there's no AzureAD\ in the Executing Account Name field, but instead the local domain name is being shown.
Important to know: we did install and configure Azure AD Connect in the past, but just for testing purposes. After a few hours we decided this solution would not work for us, as we did not have a local AD to synchronise to Azure. Therefore we uninstalled the software. See here: https://i.imgur.com/5ypQOOG.png
To be sure, I did check if we still have any old settings enabled, such as federation settings, but that was not the case.
I've pretty much tried everything I can think of, but I really don't understand what is causing the variation in user profile names. If someone has a suggestion, please let me know! Thanks for reading :-)
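One way to repeat the dsregcmd comparison above for every user on a test machine, as an added example that is not part of the original post: it pulls the Executing Account Name field out of `dsregcmd /status` output and flags sign-ins whose prefix is not `AzureAD`. The function name, the property names and the sample UPNs are assumptions made for the illustration; the sample lines are constructed from the output quoted in the post.

```powershell
# Added example. Get-ExecutingAccount is a hypothetical helper name.
function Get-ExecutingAccount {
    param([Parameter(Mandatory)][string[]]$StatusLines)

    foreach ($line in $StatusLines) {
        # Field layout as quoted in the post: "<prefix>\<account>, <upn>"
        if ($line -match '^\s*Executing Account Name\s*:\s*(?<prefix>[^\\,]+)\\(?<account>[^,\s]+)\s*,\s*(?<upn>\S+)') {
            return [pscustomobject]@{
                Prefix        = $Matches['prefix']
                Account       = $Matches['account']
                Upn           = $Matches['upn']
                # In both cases in the post the profile folder matched the account part.
                ProfileFolder = 'C:\Users\' + $Matches['account']
                HasAzureAD    = $Matches['prefix'] -eq 'AzureAD'
            }
        }
    }
    Write-Warning 'No "Executing Account Name" line found in the supplied output.'
}

# Constructed samples; the UPNs are placeholders, not values from the post.
$firstUser = @(
    'AadRecoveryEnabled : NO'
    'Executing Account Name : AzureAD\JasonGreen, jason.green@example.invalid'
    'KeySignTest : PASSED'
)
$secondUser = @(
    'AadRecoveryEnabled : NO'
    'Executing Account Name : DOMAIN\h.smith, harry.smith@example.invalid'
    'KeySignTest : PASSED'
)

$results = foreach ($sample in $firstUser, $secondUser) {
    Get-ExecutingAccount -StatusLines $sample
}
$results | Format-Table -AutoSize

# Report every sign-in that shows a domain prefix instead of AzureAD\
$results | Where-Object { -not $_.HasAzureAD } | ForEach-Object {
    Write-Warning "$($_.Upn) signed in as $($_.Prefix)\$($_.Account); profile folder $($_.ProfileFolder)"
}

# On a live machine, run inside the user's session:
# Get-ExecutingAccount -StatusLines (dsregcmd /status)
```

Collecting this per user gives a list of which accounts get the domain prefix, which can then be compared against how each account was created.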