Here’s a small Friday afternoon snippet of useful information for all you Office 365/Identity nerds out there.
If you have converted an AAD user from ‘Synced with Active Directory’ to ‘In Cloud’ and you want to sync a new user object with that user, you will need to clear the ImmutableID and then match it up with the new user object. I’m planning on creating a more extensive post on that very subject in the near future, but for now, I’ll give you this titbit of information:
Clearing the ImmutableID is done using the Powershell command:
Set-MSOLUser -UserPrincipalName email@example.com -ImmutableID "$null"
You might think that those quote marks are a bit pointless, but you would be wrong! If you were to run the command as shown below, without the “” marks, it wouldn’t show you an error, but it also wouldn’t actually clear the ImmutableID.
Set-MSOLUser -UserPrincipalName firstname.lastname@example.org -ImmutableID $null
As with all things PowerShell, syntax is everything!