Obtaining your ImmutableID the easy way, because hard matching is a nightmare

Imagine: your company has just been bought by another organization. The acquiring company wants you using Office 365 services as quickly as possible, so they create you a Cloud Only Account to leverage their existing tenant. Now imagine you are 12 months into the acquisition and you want a single sign-on experience for your end-users.

Now you have a dilemma on your hands, as your primary user principal name (UPN) on-premises is different from your UPN in the Azure tenant.

WHAT DO YOU DO!!!

What did I do??

You engage your Windows PowerShell console in Administrator mode and teleport in the Get-ImmutableID.ps1 PowerShell script.

Engage!!!
New Features coming soon!!

With this script, you can download all the ImmutableIDs from your local Active Directory into a single CSV file on your desktop.
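As an added example (not the post's Get-ImmutableID.ps1 itself), this is how the on-premises ImmutableID is derived and exported: Azure AD Connect's default sourceAnchor is the base64 encoding of the user's objectGUID, so the CSV can be built straight from Get-ADUser. It assumes the ActiveDirectory RSAT module is installed and writes the same PrimarySMTPAddress and ImmutableID columns the setting script later in this post reads; the round-trip check at the end uses a constructed GUID.

```powershell
# Added example, not the post's own Get-ImmutableID.ps1. Requires the ActiveDirectory RSAT module.
Import-Module ActiveDirectory

function ConvertTo-ImmutableId {
    param([Parameter(Mandatory)][guid]$ObjectGuid)
    # Azure AD Connect's default sourceAnchor: base64 of the raw 16 GUID bytes
    [Convert]::ToBase64String($ObjectGuid.ToByteArray())
}

function ConvertFrom-ImmutableId {
    param([Parameter(Mandatory)][string]$ImmutableId)
    # Reverse direction: handy when checking which on-prem object a cloud user is anchored to
    [guid]::new([Convert]::FromBase64String($ImmutableId))
}

# One row per enabled user that has a mail attribute. Column names match the CSV
# consumed by the Set-AzureADUser loop (PrimarySMTPAddress, ImmutableID).
$export = Get-ADUser -Filter 'Enabled -eq $true -and mail -like "*"' -Properties mail, objectGUID |
    ForEach-Object {
        [pscustomobject]@{
            SamAccountName     = $_.SamAccountName
            UserPrincipalName  = $_.UserPrincipalName
            PrimarySMTPAddress = $_.mail
            ObjectGUID         = $_.ObjectGUID
            ImmutableID        = ConvertTo-ImmutableId -ObjectGuid $_.ObjectGUID
        }
    }

$export | Export-Csv -Path "$env:USERPROFILE\Desktop\ImmutableIDs.csv" -NoTypeInformation

# Sanity check on a constructed GUID: encoding then decoding must give the same value back
$sample  = [guid]'12345678-1234-1234-1234-123456789abc'
$encoded = ConvertTo-ImmutableId -ObjectGuid $sample
if ((ConvertFrom-ImmutableId -ImmutableId $encoded) -ne $sample) { throw 'ImmutableID round trip failed' }
```

Compare the ImmutableID column against the cloud user's ImmutableId (Get-AzureADUser) before setting anything: a mismatch means the cloud account is anchored to a different on-prem object.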

Please Note:

If there are additional fields you would like to see in this script, please submit an update via GitHub or email alerts@blogabout.cloud

You will need some manual intervention to match your on-premises AD users to your AAD users, but once this is complete you can run the following script to set the ImmutableID in your Azure Active Directory.

PowerShell Script

#region File Path
# Get-Filename is the author's own helper (not defined in this post) that opens a file picker
# and returns the path of the CSV the user selects.
$Filepath1 = Get-Filename -initialdirectory "$env:USERPROFILE\Desktop"
$csv1 = Import-Csv -Path $Filepath1
#endregion

# Log everything to a transcript on the desktop. Run Connect-AzureAD before this script.
Start-Transcript "$env:USERPROFILE\Desktop\SetAllUserAADtest.txt"

ForEach ($user in $csv1) {
    Try {
        # -ErrorAction Stop turns "user not found" into a terminating error so the Catch block runs
        Get-AzureADUser -ObjectId $user.PrimarySMTPAddress -ErrorAction Stop | Out-Null
        Set-AzureADUser -ObjectId $user.PrimarySMTPAddress -ImmutableId $user.ImmutableID
        Write-Host "Success:", $user.PrimarySMTPAddress, "was found and set with", $user.ImmutableID -BackgroundColor DarkGreen
    }
    Catch {
        Write-Host "ERROR:", $user.PrimarySMTPAddress, "could not be found or updated" -BackgroundColor DarkRed
    }
}

Stop-Transcript

While this is tried and tested in my own deployments, I am unable to take responsibility for any potential issues you may encounter. Keep safe with responsible scripting; always test in a lab environment first.

Regards
The Author – Blogabout.Cloud
