Monday, October 26, 2020

Convert ImmutableID to Hex for AD



To get the immutableID value from a user (should be able to do similar with Get-MSOLUser if preferred):

$id = (Get-AzureADUser -ObjectId User@domain.com).immutableid


To convert that ID to hex for entry: 

$hex=([system.convert]::FromBase64String("$id") | ForEach-Object ToString X2) -join ' '

To view the value in $hex:

$hex

The immutable id will be a value something like: fhG+Kox7LkaYwSIf6s6UFA==

The hex for that one is: 7E 11 BE 2A 8C 7B 2E 46 98 C1 22 1F EA CE 94 14

The hex value can be entered into the ms-DS-ConsistencyGUID attribute of the user object.

And converting from objectGUID to ImmutableID:

$immutableID = [system.convert]::ToBase64String(([GUID]($u.ObjectGUID)).tobytearray())

And converting ImmutableID to GUID:  

$objectGUID = [Guid]([Convert]::FromBase64String($ImmutableID))
 
UPDATE: I've created a set of functions that you can use for conversions at https://byronwright.blogspot.com/2023/08/immutable-id-ms-ds-consistencyguid-and.html


No comments:

Post a Comment