Problem: You created a Cloud User and gave it the vanity domain in the UserName, and later you federate that domain, but this user isn’t from Your Active Directory. So ofcourse the login will fail for this user.
As long as this domain is Federated the Admin Center will not allow you to change or create Cloud Users for this Federated domain. Which makes seens because in order to login the user must be in Your local Active Directory for federation to authorize him.
Solution: PowerShell 🙂
Connect to AAD/Office 365 With PowerShell and Azure Module:
Set-MsolUserPrincipalName -UserPrincipalName <old username> -NewUserPrincipalName <new username>
This way you are allowed to change a User to a different vanity domain which isn’t Federated or is Federated With a different Active Directory, or just Your onmicrosoft.com domain.