DEFINITIVE GUIDE TO GOOGLE CONFLICTING ACCOUNTS

  • I do Google Workspace Administration to make living, and wanted to learn Google Conflicting accounts in great detail, so I can help impacted Google Workspace community better.

  • I started asking myself “what are Google Conflicting accounts, how do they get created, whats their impact, how to handle them and how to even restrict their creation”.

  • Let me share everything I learnt, and hopefully it would help you understand and deal with Google conflicting accounts along with stopping them from being created in future.

Chapters :

What is Google Conflicting Account - simple overview

WHAT YOU'LL LEARN

Setup solid foundation for using Google Enterprise applications by understanding Google Conflicting accounts, highly recommended for Google Workspace & Google Cloud platform administrators.

How to fix Google Conflicting Accounts

WHAT YOU'LL LEARN

Now, as you understand what are Google Conflicting accounts, let us understand our conflicting resolution options in details including pros and cons, and recommendations based on your scenario.

Google Conflicting Accounts and Google Cloud Directory Sync

WHAT YOU'LL LEARN

Now, before we fix Google Conflicting accounts, very important to understand how Google Cloud Directory Sync (GCDS) works with these conflicting accounts, Please do not run GCDS before you watch & understand this.

Google-Conflicting-Accounts-and-3rd-party-Identity-Provider

WHAT YOU'LL LEARN

If you are leveraging a 3rd party identity provider (e.g Okta, Azure AD) to provision users in Google, then please watch this video first to understand how it would impact your conflicting users.

Find Conflicting Accounts

WHAT YOU'LL LEARN

Your journey to fix Google Conflicting accounts will start from finding how many and which users have created consumer accounts with your corporate email domain, let me show you how to find and export them in csv file.

Fix Google Conflict Account by overriding consumer account

WHAT YOU'LL LEARN

After finding Google Conflicting accounts, now you would take one of the two available options to resolve the conflict, in this video, let us understand option one in great details and also see it in action.

0. Send transfer Invite

WHAT YOU'LL LEARN

Second option to resolve Google Conflicting account is to send account transfer request to impacted user, as this is the recommended option, let us understand it in details and see it in action.

0. Fix GTemp Account - Google Conflicting accounts

WHAT YOU'LL LEARN

Sometimes you would see cases where your users personal Google account is renamed to @gtempaccount.com and now there is a need to reverse this, let me show you how to do that in this video.

0. restrict google consumer account creation on your domain

WHAT YOU'LL LEARN

Best way to handle Google conflicting accounts is to restrict your users ability to create them in the first place, In this video I will show you to achieve this easy to follow step by step instructions.

FAQ

Most frequent questions and answers about Google Workspace Conflicting Accounts

User needs a Google Workspace license to access Google Drive, and would see an error page saying “You do not have access to this service” without the license.

Please ensure to assign your user a Google Workspace license so user can access Google Drive and see transferred data.

No, only users with your corporate email (e.g user@yourdomain.com) which were created directly with Google as consumer account are conflicting accounts.

@Gmail.com accounts (even if they have your company related data) are not conflicting accounts.

There are options to migrate data from any @gmail.com account to Google Workspace corporate accounts.

  • It might take Google sometime to sync the data and show you the conflicting accounts in Transfer Tool,  allow it couple of days after you verify the domain ownership.

  • Another case might be that you have this user’s consumer account email address as an alias email (and not as primary email address) in your Google Workspace. It will not show in transfer tool in this case.

  • The user has not created consumer account with their corporate email address, however has put corp email as an alternative email address in consumer account, transfer tool would not show this account as conflicting in this case.

  • As per Google, if the user has unsupported special characters in their email address. The user must update their username to remove the special characters before their account can be transferred.
  • No, as per Google’s public documentation there is no API available to deal with Google conflicting accounts.

Ask it in the comments below, and I would try to answer it (if i can) as soon as I get time.

25 thoughts on “Definitive Guide to Google Conflicting Accounts”

  1. Great guide! I have some question with Using IdP with unmanaged users scenario.

    We want to federate Google Cloud with Azure AD, and let AD provision users and SSO. but there are conflicting accounts already.
    1. Is there a solution for that?
    2. Your solution: Do not use IdP to create users who are Google conflicting accounts. Does it mean if I manage / create user who has conflicting account from AD, since AD will sync the user to GCI, it wont give the user the chance to transfer data, in another word, users will loose the data? please advice a solutuon

    1. Yes, Azure AD connector for Google Cloud uses Google’s Directory API to provision users, which does not detect whether the user to provision has a conflicting account or not, and it will straight away create the user, which means you would miss the opportunity to invite this user to transfer their data from unmanaged account to managed account.

      I would recommend following -:
      1. Download a csv of your unmanaged accounts from Google Admin console.
      2. Create a group in Azure with them as members (e.g lets call it conflicting-users-group@domain.com)
      3. When you do the provisioning in connector, I think you should be able to define the scope of provisioning with some rule (e.g only provision users who are not member of above group).

      1. Thanks for the great advice.
        Before I read your article I setup Azure provisioning & SSO, sync’d over 1 user to test and all worked fine. Now I’ve added 2 more with existing accounts and they didn’t get the email to covert the account, and now they’re setup in Google and conflicted.
        Is there any way to resolve this issue for the 2 users and transfer their accounts and get them out of the conflict? 1 has logged in, the other has not yet.
        unmanaged tool does not let me mail them to convert (as accounts now created in Google Identity I presume)

  2. Thank you so much for your detailed instructions here! Amazing.
    Here is my question:
    I created new Google Workplace. In the setup process there is a 3-step wizard. Step 2 is to add users. I added only one, as a test. The one I added I knew had a conflicting account so I expected to be prompted about it. I was not. It seems that it defaults to creating a new account and renaming the old account to @gtempaccount.com. Now what? Is it too late to transfer the assets, ect?

    After I added a user in the normal ‘Add user’ way and I was prompted. It was disappointing that I was not prompted when adding the user as part of the wizard. Unless I did something wrong?

    Let me know what you think. Thank you again!

  3. Hey!!
    Thanks for a great video, and it all made sense on what we are trying to do (even though I think Google should/could done a better job here).
    However, was to implement this today, and followed your instructions to point, even had my colleague watch me.
    Verification emails are still sent out to the address, which means they can still sign up.
    Also, in the Email log file, there is no trace of the email sent, so I wonder if the rules are not picked up or applied due to this.

    Anything I can look at, troubleshoot to see if I missed something. Been at this for a few hours now.

    Thanks

  4. Thank you for this information! It was helpful to increase my understanding, but I still have a question.

    Our small company was using Microsoft 365 and is switching to Google Workspace. The Workspace was created using our company emails, which we are currently using Outlook to access. Once I logged in to the new Google Workspace, I can access a gmail account that is THE SAME as the one I am still using with Outlook. I am not able to forward anything, as they are the same address and I’m at a loss of what to do next.

    If I send an email from my Google email, I can see it in Outlook as well. If I reply to that email in Outlook, the reply does not make it back to Gmail. All new mail ends up in Outlook, NOT gmail.
    Am I correct in thinking that we’ll need to create new email addresses in gmail and then forward to Outlook addresses, or is there another way around this?

    Thank you!

  5. Thanks for the helpful / clear article!

    What happens if a company HAD been using Google workspace, but have gone to another system (and transferred email to that new provider)? For example “user.abc@somecompany.com”

    * And the user STILL gets email at user.abc@somecompany.com (thru the new email provider).
    * Can they create a “google account” with user.abc@somecompany.com? (so other people can still share documents / files with their well-known user.abc@somecompany.com email address)?

    Or does Google block creation of a “new” Google account with the same email forever (even if the old google workspace setup?)

    Maybe one workaround would be to create a new gmail account (maybe user.abc.somecompany@gmail.com) and have it forward all emails to user.abc@somecompany.com? At least they only have one email inbox to monitor, though they have to remember to sign into google with user.abc.somecompany@gmail.com (as signing into user.abc@somecompany.com might prompt them to resubscribe to Google Workspace?)

    Thanks,
    Eric

    1. If you own the domain somecompany.com in this case, then you decide where the emails should be landing (e.g in google workspace or to some other email provider).

      To create a google account ending in @somecompany.com domain, one needs to verify to Google that he/she owns this email, which will not happen unless you have provided that user an email on this domain.

  6. Abdelrahman Zaki

    Thanks a lot, Goldy for this helpful guide.
    If I don’t want to transfer those accounts to be under my admin console but I want to delete them as I don’t want any unmanaged user to use my company domain name? Also, If I want to test can I create a Google unmanaged account ending by my domain name as I tried and I can only create a new account using gmail.com, not any other domain?
    Last question, Are the unmanaged accounts can use google services (send emails and calendar invitations) using my company’s domain?

    Thanks in advance:)

    1. Your welcome Abdelrahman.

      1. You can not, because these are consumer accounts where users have the ownership, not you / company / domain.

      2. You can do that, please look at article again, I showed you how to do it.

      3. No, email is not provided to unmanaged accounts, they can use other services like Google Drive, Ads, Analytics, youtube etc.

  7. Great guide! was very useful to fix a few mistakes in our migration process. I have a question on Google’s support statement regarding unmanaged users not showing in the list… “A synchronization hasn’t updated the data yet. This usually happens if you recently verified your domain. It might take a few hours for all accounts to appear.”

    We’ve waited over a day now and we still don’t see a critical account we need to migrate. Any idea on what to do in this instance?

  8. Thank you so much for your thorough breakdown! This is incredible. Do you have any insight into YouTube and data transfer? My organization’s YouTube channel exists on a conflicting account and I’m extremely concerned about losing the data (and more importantly, stats) in the transfer. Do you know if this information would stay intact if we used the data transfer tool? Thanks for your help.

    1. You’re welcome, glad you find this overview of Google conflicting accounts helpful.

      I have not tested with youtube, but I agree this is sensitive as you shouldn’t be taking any risk with your youtube channel.

      I would love to test it out in coming days as I get sometime, but in the meantime, I would recommend you to create a new channel in google account, and try converting this user to managed account.

  9. My company’s YouTube channel is owned by an employee’s conflicting unmanaged account, which is apparent because whenever the employee logs into YouTube, he gets the warning about having a conflicting account with the option to create a new @gmail.com account or an existing non-Google email address. However, the Transfer Tool for Unmanaged Users does not show the conflicting account; I think this may be because YouTube and file ownerships are already held by an @gtempaccount.com account.

    Our goal is to get rid of the conflict without losing our YouTube files and analytics. I think the solution is to create a @gmail.com account that will remove the conflict. I assume that the new @gmail.com account will own the YouTube files and analytics. We would then create a Google Brand Account that can be managed by anyone in our company.

    FWIW, I don’t think the option to transfer files from the conflicting account to an existing account at my company would work because our company uses Google Workspace. Therefore an existing email address at my company is a Google account. We tried this route and got an error message saying as much.

    1. This is because this account is not in conflict anymore, it seems you already created this account in Google admin console as a managed Google Workspace account, and that’s why this user lost this email (user@yourdomain.com) email address and getting option to rename it to @gmail.com id.

  10. David Gabrielsen

    I have taken over as a super admin for non-profit g suite account. (recovering the admin status was quite a chore.) There is a conflicting account associated with the login name, and is not identifiable as to who created it. The email name is info@w*******.org and I don’t know the password or the person that created the conflicting account. I don’t want to just delete it till I know what’s in it. Non-profit support people tend to come and go when it’s small and unpaid.

    1. I understand, I think your option is to send the invite to this user instead of creating it, so the user gets the email, and if you do not hear it in couple days, you may considering another reminder before making the decision to create this account.

  11. Hi There,
    After hours of searching for relevant information on the topic, you clearly have a deep understanding of all this. Here is my situation, please let me know if you’re able to assist:

    I am a one-man business, and in 2018, I signed up for G-Suite for one reason and one reason only: So I could have a custom domain. The domain I purchased through GoDaddy is “bohnhomes.com” and my email address is eric@bohnhomes.com. That’s it. No other users. Somewhere along the way, “eric@bohnhomes.com” is listed as Google account TWICE. I’ve always used Safari on my iPhone/iPad, but I am transitioning into a more Google-centric environment as far as adopting Google Drive (vs iCloud), Google Apps (instead of MSFT Office Suite), Google Calendar, etc, etc. And now I want to use Chrome (instead of Safari) on my devices. One ecosystem, more alignment.
    My Chrome app on my iPhone/iPad does not sync the Bookmarks to the Chrome on my laptop. Somehow it’s tied to A “eric@bohnhomes.com” user I created (one of two). And this particular one isn’t where I’ve been storing my bookmarks all these years. Long story short, I want my Chrome to bookmarks to sync in real time and I want to delete whatever this second account is, and prevent me from doing this again in the future. Is this something you could help me with, Sir?

Leave a Comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Scroll to Top