UpdateImmutableID: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
No edit summary |
||
(12 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
This article describes how to extract immutable ID on users from a local AD / OnPremise AD and how to link this to Office 365. This is usefull when using AADC and users cannot be edited directly in the cloud. | |||
====Step 1 - extract users as a list from SQL==== | |||
select distinct STUDIENR from students | |||
where recordtype = 'employee' | |||
and action = 'add' | |||
Save results as "C:\users.csv" | |||
([String]) | ====Step 2 - extract a list of Immutable ID's for users from local AD / onpremise==== | ||
Run the following powershell (elevated) | |||
$usersTable = New-Object system.Data.DataTable “UsersTable” | |||
$column1 = New-Object System.Data.DataColumn userPrincipalName, | |||
([String]) | |||
$column2 = New-Object System.Data.DataColumn immutableId, | |||
([String]) | |||
$usersTable.Columns.Add($column1) | |||
$usersTable.Columns.Add($column2) | |||
$users=Import-Csv -Path users.csv -Header “userSamAccountName” | |||
foreach($user in $users) | |||
{ | |||
$adUser = Get-ADUser -Identity $user.userSamAccountName | |||
$adUserGuid = $adUser.ObjectGUID | |||
$byteArray = $adUserGuid.ToByteArray() | |||
$immutableId = “” | |||
$immutableId = [system.convert]::ToBase64String($byteArray) | |||
$row = $usersTable.NewRow() | |||
$row.userPrincipalName = $adUser.userPrincipalName | |||
$row.immutableId = $immutableId | |||
$usersTable.Rows.Add($row) | |||
} | |||
$usersTable | Export-Csv “c:\UserExportIds.csv” | |||
This will create a new CSV named UserExportIDs on c:\ | |||
<br /> | |||
====Step 3 - update Immutable ID on users in Office 365==== | |||
Change USERNAME@TENANT.onmicrosoft.com and USERPASSWORD in the following and run in powershell | |||
$ | $password = ConvertTo-SecureString -String "USERPASSWORD" -AsPlainText -Force | ||
$LiveCred = New-object -typename System.Management.Automation.PSCredential -argumentlist "USERNAME@TENANT.onmicrosoft.com", $Password | |||
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell -Credential $LiveCred -Authentication Basic -AllowRedirection | |||
set-ExecutionPolicy remotesigned -Force | |||
Import-PSSession $Session | |||
Import-Module MSOnline | |||
Connect-MsolService -Credential $LiveCred | |||
$users = Import-Csv -Path “c:\UserExportIds.csv” | |||
foreach($user in $users) | |||
{ | |||
Write-Output $user.userPrincipalName | |||
Set-MsolUser -UserPrincipalName $user.userPrincipalName - | |||
ImmutableId $user.immutableId | |||
} | |||
The immutableID's have now been updated in Office 365. | |||
Run AADC again and verify that users are linked correctly | |||
Latest revision as of 13:36, 24 June 2019
This article describes how to extract immutable ID on users from a local AD / OnPremise AD and how to link this to Office 365. This is usefull when using AADC and users cannot be edited directly in the cloud.
Step 1 - extract users as a list from SQL
select distinct STUDIENR from students where recordtype = 'employee' and action = 'add'
Save results as "C:\users.csv"
Step 2 - extract a list of Immutable ID's for users from local AD / onpremise
Run the following powershell (elevated)
$usersTable = New-Object system.Data.DataTable “UsersTable” $column1 = New-Object System.Data.DataColumn userPrincipalName, ([String]) $column2 = New-Object System.Data.DataColumn immutableId, ([String]) $usersTable.Columns.Add($column1) $usersTable.Columns.Add($column2) $users=Import-Csv -Path users.csv -Header “userSamAccountName” foreach($user in $users) { $adUser = Get-ADUser -Identity $user.userSamAccountName $adUserGuid = $adUser.ObjectGUID $byteArray = $adUserGuid.ToByteArray() $immutableId = “” $immutableId = [system.convert]::ToBase64String($byteArray) $row = $usersTable.NewRow() $row.userPrincipalName = $adUser.userPrincipalName $row.immutableId = $immutableId $usersTable.Rows.Add($row) } $usersTable | Export-Csv “c:\UserExportIds.csv”
This will create a new CSV named UserExportIDs on c:\
Step 3 - update Immutable ID on users in Office 365
Change USERNAME@TENANT.onmicrosoft.com and USERPASSWORD in the following and run in powershell
$password = ConvertTo-SecureString -String "USERPASSWORD" -AsPlainText -Force $LiveCred = New-object -typename System.Management.Automation.PSCredential -argumentlist "USERNAME@TENANT.onmicrosoft.com", $Password $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell -Credential $LiveCred -Authentication Basic -AllowRedirection set-ExecutionPolicy remotesigned -Force Import-PSSession $Session Import-Module MSOnline Connect-MsolService -Credential $LiveCred $users = Import-Csv -Path “c:\UserExportIds.csv” foreach($user in $users) { Write-Output $user.userPrincipalName Set-MsolUser -UserPrincipalName $user.userPrincipalName - ImmutableId $user.immutableId }
The immutableID's have now been updated in Office 365.
Run AADC again and verify that users are linked correctly