UpdateImmutableID: Difference between revisions

From UmsWiki
Jump to navigation Jump to search
Rum (talk | contribs)
No edit summary
Rum (talk | contribs)
No edit summary
 
(10 intermediate revisions by the same user not shown)
Line 1: Line 1:
<nowiki>
This article describes how to extract immutable ID on users from a local AD / OnPremise AD and how to link this to Office 365. This is usefull when using AADC and users cannot be edited directly in the cloud.


<code></nowiki>
====Step 1 - extract users as a list from SQL====
  select distinct STUDIENR from students
  where recordtype = 'employee'
  and action = 'add'


$usersTable = New-Object system.Data.DataTable “UsersTable”
Save results as "C:\users.csv"


$column1 = New-Object System.Data.DataColumn userPrincipalName,
====Step 2 - extract a list of Immutable ID's for users from local AD / onpremise====
Run the following powershell (elevated)
$usersTable = New-Object system.Data.DataTable “UsersTable”
  $column1 = New-Object System.Data.DataColumn userPrincipalName,
  ([String])
  $column2 = New-Object System.Data.DataColumn immutableId,
  ([String])
  $usersTable.Columns.Add($column1)
  $usersTable.Columns.Add($column2)
  $users=Import-Csv -Path users.csv -Header “userSamAccountName”
  foreach($user in $users)
  {
  $adUser = Get-ADUser -Identity $user.userSamAccountName
  $adUserGuid = $adUser.ObjectGUID
  $byteArray = $adUserGuid.ToByteArray()
  $immutableId = “”
  $immutableId = [system.convert]::ToBase64String($byteArray)
  $row = $usersTable.NewRow()
  $row.userPrincipalName = $adUser.userPrincipalName
  $row.immutableId = $immutableId
  $usersTable.Rows.Add($row)
  }
  $usersTable | Export-Csv “c:\UserExportIds.csv”
This will create a new CSV named UserExportIDs on c:\


([String])
<br />


$column2 = New-Object System.Data.DataColumn immutableId,
====Step 3 - update Immutable ID on users in Office 365====
Change USERNAME@TENANT.onmicrosoft.com and USERPASSWORD in the following and run in powershell


([String])
  $password = ConvertTo-SecureString -String "USERPASSWORD" -AsPlainText -Force
  $LiveCred = New-object -typename System.Management.Automation.PSCredential -argumentlist "USERNAME@TENANT.onmicrosoft.com", $Password
  $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell -Credential $LiveCred -Authentication Basic -AllowRedirection
  set-ExecutionPolicy remotesigned -Force
  Import-PSSession $Session
  Import-Module MSOnline
  Connect-MsolService -Credential $LiveCred
  $users = Import-Csv -Path “c:\UserExportIds.csv”
  foreach($user in $users)
  {
  Write-Output $user.userPrincipalName
  Set-MsolUser -UserPrincipalName $user.userPrincipalName -
  ImmutableId $user.immutableId
  }
The immutableID's have now been updated in Office 365.


$usersTable.Columns.Add($column1)
Run AADC again and verify that users are linked correctly
 
$usersTable.Columns.Add($column2)
 
$users=Import-Csv -Path users.csv -Header “userSamAccountName”
 
foreach($user in $users)
 
{
 
$adUser = Get-ADUser -Identity $user.userSamAccountName
 
$adUserGuid = $adUser.ObjectGUID
 
$byteArray = $adUserGuid.ToByteArray()
 
$immutableId = “”
 
$immutableId = [system.convert]::ToBase64String($byteArray)
 
$row = $usersTable.NewRow()
 
$row.userPrincipalName = $adUser.userPrincipalName
 
$row.immutableId = $immutableId
 
$usersTable.Rows.Add($row)
 
}
 
$usersTable | Export-Csv “c:\Users\Inlogic\UserExportIds.csv”
 
 
<nowiki></code></nowiki>

Latest revision as of 13:36, 24 June 2019

This article describes how to extract immutable ID on users from a local AD / OnPremise AD and how to link this to Office 365. This is usefull when using AADC and users cannot be edited directly in the cloud.

Step 1 - extract users as a list from SQL

 select distinct STUDIENR from students
 where recordtype = 'employee'
 and action = 'add'

Save results as "C:\users.csv"

Step 2 - extract a list of Immutable ID's for users from local AD / onpremise

Run the following powershell (elevated)

$usersTable = New-Object system.Data.DataTable “UsersTable”
 $column1 = New-Object System.Data.DataColumn userPrincipalName,
 ([String])
 $column2 = New-Object System.Data.DataColumn immutableId,
 ([String])
 $usersTable.Columns.Add($column1)
 $usersTable.Columns.Add($column2)
 $users=Import-Csv -Path users.csv -Header “userSamAccountName”
 foreach($user in $users)
 {
 $adUser = Get-ADUser -Identity $user.userSamAccountName
 $adUserGuid = $adUser.ObjectGUID
 $byteArray = $adUserGuid.ToByteArray()
 $immutableId = “”
 $immutableId = [system.convert]::ToBase64String($byteArray)
 $row = $usersTable.NewRow()
 $row.userPrincipalName = $adUser.userPrincipalName
 $row.immutableId = $immutableId
 $usersTable.Rows.Add($row)
 }
 $usersTable | Export-Csv “c:\UserExportIds.csv”

This will create a new CSV named UserExportIDs on c:\


Step 3 - update Immutable ID on users in Office 365

Change USERNAME@TENANT.onmicrosoft.com and USERPASSWORD in the following and run in powershell

 $password = ConvertTo-SecureString -String "USERPASSWORD" -AsPlainText -Force
 $LiveCred = New-object -typename System.Management.Automation.PSCredential -argumentlist "USERNAME@TENANT.onmicrosoft.com", $Password
 $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell -Credential $LiveCred -Authentication Basic -AllowRedirection
 set-ExecutionPolicy remotesigned -Force
 Import-PSSession $Session
 Import-Module MSOnline
 Connect-MsolService -Credential $LiveCred
 $users = Import-Csv -Path “c:\UserExportIds.csv”
 foreach($user in $users)
 {
 Write-Output $user.userPrincipalName
 Set-MsolUser -UserPrincipalName $user.userPrincipalName -
 ImmutableId $user.immutableId
 }

The immutableID's have now been updated in Office 365.

Run AADC again and verify that users are linked correctly