Link to home
Start Free TrialLog in
Avatar of Jakob Digranes
Jakob DigranesFlag for Norway

asked on

Office365 - change ADSync domain

Hi
I've got this working before - but not quite like this. Done this:
* migrated from old.domain to new.domain on-premise
* disabled dirsync in office365.tenant
* stoppet dirsync on old.domain
* installed dirsync in new.domain

But - in Office365 user have this UserPrincipalName:
username@old.domain and ImmutableID: 1234abcd

in new.domain ObjectGUID is not migrated and username is username@new.domain

How can we match users in new.domain on-prem with Office365? any experiences?
* we've looked into changing source anchor. Pros and cons?
* anyway to matchin without changing immutableID?
* if we change immutable ID - what consequences? only service in office365 is sharepoint
ASKER CERTIFIED SOLUTION
Avatar of Adam Drayer
Adam Drayer
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
SOLUTION
Avatar of Vasil Michev (MVP)
Vasil Michev (MVP)
Flag of Bulgaria image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of Jakob Digranes

ASKER

Hi Adam .... yeah - we thought of that as one solution; but as I asked. What are the consequences in Office365 when changing immutable ID. Read somewhere that file permissions in OneDrive is locked towards ImmutableID
Jakob,

I have never heard of that. I can see it being the ObjectID in Azure. But that's a different attribute.  That attribute is the unique ID for the Azure user, similar to the ObjectGUID on-prem.  The ImmutableID is is just for linking identities.  As far as I am aware the only consequence of changing or removing the ImmutableID would be that the Office 365 user is no longer linked to the on-premise account.  But if there is concern, you should test it on a few users first.