To get the immutableID value from a user (should be able to do similar with Get-MSOLUser if preferred):
$id = (Get-AzureADUser -ObjectId User@domain.com).immutableid
To convert that ID to hex for entry:
$hex=([system.convert]::FromBase64String("$id") | ForEach-Object ToString X2) -join ' '
To view the value in $hex:
$hex
The immutable id will be a value something like: fhG+Kox7LkaYwSIf6s6UFA==
The hex for that one is: 7E 11 BE 2A 8C 7B 2E 46 98 C1 22 1F EA CE 94 14
The hex value can be entered into the ms-DS-ConsistencyGUID attribute of the user object.
And converting from objectGUID to ImmutableID:
$immutableID = [system.convert]::ToBase64String(([GUID]($u.ObjectGUID)).tobytearray())
And converting ImmutableID to GUID:
$objectGUID = [Guid]([Convert]::FromBase64String($ImmutableID))
UPDATE: I've created a set of functions that you can use for conversions at https://byronwright.blogspot.com/2023/08/immutable-id-ms-ds-consistencyguid-and.html
No comments:
Post a Comment