Retrieve AAD user from local AD user info? RRS feed

  • Question

  • Is there a way to programmatically retrieve an Azure AD user ID from the local AD user's SID if they are connected via AAD Connect with Password Sync?
    Friday, July 31, 2015 1:27 AM


  • Hello,

    AAD and AD users are joined and identified by a Attribute called sourceAnchor/ImmutableID, which is a simple Base64Encode of the ADs ObjectGUID.

    So simple get the ObjectGUID of the user in local AD, do a Base64Encode and search AAD for the user where this value matches the ImmutableID.

    Here is some sample code for the Encode with PS from my blog:

    $GUIDbyte = (Get-ADUser peter).objectGUID.ToByteArray()
    $immuID = [System.Convert]::ToBase64String($GUIDbyte)


    Peter Stapf - ExpertCircle GmbH - My blog: JustIDM.wordpress.com

    • Proposed as answer by Kamalakar Kamsani Friday, July 31, 2015 4:00 PM
    • Marked as answer by dy955 Friday, July 31, 2015 4:14 PM
    Friday, July 31, 2015 9:18 AM