Forum Discussion
ImmutableID to Extensionattribute
- Nov 29, 2018
Hello Charles,
There are two different queries in your request.
First - How to write back the Immutable ID to an Extension Attribute.
Second - ObjectID of cloud Accounts.
In order to complete the first task,
create an outbound rule for the AD connector that must map the source anchor to an extension attribute. An example is shown below:
Add-ADSyncAttributeFlowMapping `
-SynchronizationRule $syncRule[0] `
-Source @('sourceAnchor') `
-Destination 'msDS-cloudExtensionAttribute10' `
-FlowType 'Direct' `
-ValueMergeType 'Update' `
-OutVariable syncRule
Once the rule is created, run a sync and you will find the extension attribute populated with the source anchor.
For the second query, ObjectID is an attribute that belongs to the Object Class and is a mandatory attribute that will be populated for all objects (synced or cloud).
To check the object class, you can run the command below in Azure AD PowerShell.
Get-AzureADUser | Get-Member
Let me know if you have any query.
Regards,
Rishabh
Hi Guys,
No issues using this solution, but it does add complexity which I agree needs to be documented and taken into consideration moving forward. As I say to my customers, if we can avoid creating bespoke config, less to worry about and maintain, but it’s not always possible 😊
@Rishabh – the key thing about the ms-DS-ConsistencyGuid attribute is, it’s writable. Massive win when you need to move objects between forests.
Reading Charles's question again, it looks like he’s trying to configure a user lifecycle application/script and needs a way to link workflows to Azure AD identities (sync’d or managed). If this is the case, maybe a simple script which returns users' ObjectIDs will do the job?
Anyhoo – lots of interesting points.
@Charles – ObjectID is unique so you won’t run into any issues with reuse or duplication. Good luck!
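As an added example (not code from either poster), the sketch below covers both suggestions in this thread: it checks that the written-back `msDS-cloudExtensionAttribute10` value links each on-premises user to a cloud account and returns that account's ObjectID. It assumes the sourceAnchor is GUID-based (objectGUID or ms-DS-ConsistencyGuid), so the ImmutableID is the base64 form of a 16-byte GUID; the function names and all sample records are hypothetical and constructed.

```powershell
# Added example: every record below is constructed sample data, not real directory output.
# Assumption: the sourceAnchor is GUID-based (objectGUID or ms-DS-ConsistencyGuid).
function ConvertFrom-ImmutableId {               # hypothetical helper name
    param([Parameter(Mandatory)][string]$ImmutableId)
    try { [guid]::new([Convert]::FromBase64String($ImmutableId)) }
    catch { $null }                              # not base64, or not exactly 16 bytes
}

function Join-IdentityRecord {                   # hypothetical helper name
    param([object[]]$OnPrem, [object[]]$Cloud)
    # Base64 is case-sensitive but a default @{} hashtable is not: use an ordinal dictionary.
    $byAnchor = [System.Collections.Generic.Dictionary[string,object]]::new([StringComparer]::Ordinal)
    foreach ($c in $Cloud) { if ($c.ImmutableId) { $byAnchor[$c.ImmutableId] = $c } }
    foreach ($u in $OnPrem) {
        $anchor = $u.'msDS-cloudExtensionAttribute10'
        $match = $null; $guid = $null; $status = 'Linked'
        if ($anchor) {
            [void]$byAnchor.TryGetValue($anchor, [ref]$match)
            $guid = ConvertFrom-ImmutableId $anchor
        }
        if (-not $anchor) { $status = 'NotWrittenBack' }
        elseif (-not $match) { $status = 'NoCloudMatch' }
        # Informational: expected when ms-DS-ConsistencyGuid is the anchor and the object moved forests.
        elseif ($guid -ne $u.ObjectGuid) { $status = 'AnchorDiffersFromObjectGuid' }
        [pscustomobject]@{
            SamAccountName = $u.SamAccountName
            Anchor         = $anchor
            CloudObjectId  = if ($match) { $match.ObjectId }
            Status         = $status
        }
    }
}

# Constructed sample input: ImmutableIds are derived from the GUIDs so they stay consistent.
$g1 = [guid]'11111111-2222-3333-4444-555555555555'
$g2 = [guid]'aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee'
$g3 = [guid]'99999999-8888-7777-6666-555555555555'
$id1 = [Convert]::ToBase64String($g1.ToByteArray())
$id2 = [Convert]::ToBase64String($g2.ToByteArray())
$onPrem = @(
    [pscustomobject]@{ SamAccountName = 'alice'; ObjectGuid = $g1; 'msDS-cloudExtensionAttribute10' = $id1 }
    [pscustomobject]@{ SamAccountName = 'bob';   ObjectGuid = $g2; 'msDS-cloudExtensionAttribute10' = $null }
    [pscustomobject]@{ SamAccountName = 'dave';  ObjectGuid = $g3; 'msDS-cloudExtensionAttribute10' = $id2 }
)
$cloud = @(
    [pscustomobject]@{ ObjectId = '00000000-0000-0000-0000-0000000000a1'; ImmutableId = $id1 }
    [pscustomobject]@{ ObjectId = '00000000-0000-0000-0000-0000000000a2'; ImmutableId = $id2 }
    [pscustomobject]@{ ObjectId = '00000000-0000-0000-0000-0000000000a3'; ImmutableId = $null }  # cloud-only
)
Join-IdentityRecord -OnPrem $onPrem -Cloud $cloud | Format-Table -AutoSize
```

With the sample data, alice is reported as `Linked`, bob as `NotWrittenBack`, and dave as `AnchorDiffersFromObjectGuid`; the cloud-only account has no ImmutableID and is therefore only reachable through its ObjectID.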