Avatar of Jakob Digranes
Jakob Digranes
Flag for Norway asked on

Office365 - change ADSync domain

Hi
I've got this working before - but not quite like this. Done this:
* migrated from old.domain to new.domain on-premise
* disabled dirsync in office365.tenant
* stoppet dirsync on old.domain
* installed dirsync in new.domain

But - in Office365 user have this UserPrincipalName:
username@old.domain and ImmutableID: 1234abcd

in new.domain ObjectGUID is not migrated and username is username@new.domain

How can we match users in new.domain on-prem with Office365? any experiences?
* we've looked into changing source anchor. Pros and cons?
* anyway to matchin without changing immutableID?
* if we change immutable ID - what consequences? only service in office365 is sharepoint
Microsoft 365

Avatar of undefined
Last Comment
Adam Drayer

8/22/2022 - Mon
ASKER CERTIFIED SOLUTION
Adam Drayer

THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
GET A PERSONALIZED SOLUTION
Ask your own question & get feedback from real experts
Find out why thousands trust the EE community with their toughest problems.
SOLUTION
Vasil Michev (MVP)

THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
GET A PERSONALIZED SOLUTION
Ask your own question & get feedback from real experts
Find out why thousands trust the EE community with their toughest problems.
Jakob Digranes

ASKER
Hi Adam .... yeah - we thought of that as one solution; but as I asked. What are the consequences in Office365 when changing immutable ID. Read somewhere that file permissions in OneDrive is locked towards ImmutableID
Adam Drayer

Jakob,

I have never heard of that. I can see it being the ObjectID in Azure. But that's a different attribute.  That attribute is the unique ID for the Azure user, similar to the ObjectGUID on-prem.  The ImmutableID is is just for linking identities.  As far as I am aware the only consequence of changing or removing the ImmutableID would be that the Office 365 user is no longer linked to the on-premise account.  But if there is concern, you should test it on a few users first.
Experts Exchange is like having an extremely knowledgeable team sitting and waiting for your call. Couldn't do my job half as well as I do without it!
James Murphy