UpdateImmutableID: Difference between revisions

From UmsWiki
Jump to navigation Jump to search
← Older edit
VisualWikitext
Rum (talk | contribs)
78 edits
No edit summary
Rum (talk | contribs)
78 edits
No edit summary
 
Line 1: Line 1:
This article describes how to extract immutable ID on users from a local AD / OnPremise AD and how to link this to Office 365. This is usefull when using AADC and users cannot be edited directly in the cloud.  
This article describes how to extract immutable ID on users from a local AD / OnPremise AD and how to link this to Office 365. This is usefull when using AADC and users cannot be edited directly in the cloud.


====Step 1 - extract users as a list from SQL====
====Step 1 - extract users as a list from SQL====

Latest revision as of 13:36, 24 June 2019

This article describes how to extract immutable ID on users from a local AD / OnPremise AD and how to link this to Office 365. This is usefull when using AADC and users cannot be edited directly in the cloud.

Step 1 - extract users as a list from SQL

 select distinct STUDIENR from students
 where recordtype = 'employee'
 and action = 'add'

Save results as "C:\users.csv"

Step 2 - extract a list of Immutable ID's for users from local AD / onpremise

Run the following powershell (elevated) 

$usersTable = New-Object system.Data.DataTable “UsersTable”
 $column1 = New-Object System.Data.DataColumn userPrincipalName,
 ([String])
 $column2 = New-Object System.Data.DataColumn immutableId,
 ([String])
 $usersTable.Columns.Add($column1)
 $usersTable.Columns.Add($column2)
 $users=Import-Csv -Path users.csv -Header “userSamAccountName”
 foreach($user in $users)
 {
 $adUser = Get-ADUser -Identity $user.userSamAccountName
 $adUserGuid = $adUser.ObjectGUID
 $byteArray = $adUserGuid.ToByteArray()
 $immutableId = “”
 $immutableId = [system.convert]::ToBase64String($byteArray)
 $row = $usersTable.NewRow()
 $row.userPrincipalName = $adUser.userPrincipalName
 $row.immutableId = $immutableId
 $usersTable.Rows.Add($row)
 }
 $usersTable | Export-Csv “c:\UserExportIds.csv”

This will create a new CSV named UserExportIDs on c:\


Step 3 - update Immutable ID on users in Office 365

Change USERNAME@TENANT.onmicrosoft.com and USERPASSWORD in the following and run in powershell 

 $password = ConvertTo-SecureString -String "USERPASSWORD" -AsPlainText -Force
 $LiveCred = New-object -typename System.Management.Automation.PSCredential -argumentlist "USERNAME@TENANT.onmicrosoft.com", $Password
 $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell -Credential $LiveCred -Authentication Basic -AllowRedirection
 set-ExecutionPolicy remotesigned -Force
 Import-PSSession $Session
 Import-Module MSOnline
 Connect-MsolService -Credential $LiveCred
 $users = Import-Csv -Path “c:\UserExportIds.csv”
 foreach($user in $users)
 {
 Write-Output $user.userPrincipalName
 Set-MsolUser -UserPrincipalName $user.userPrincipalName -
 ImmutableId $user.immutableId
 }

The immutableID's have now been updated in Office 365.

Run AADC again and verify that users are linked correctly

Retrieved from "http://wiki.inlogic.dk/index.php?title=UpdateImmutableID&oldid=2973"