List Office 365 ImmutableIDs Using PowerShell for Okta Provisioning
Last Updated:
Overview
ImmutableID mismatches cause provisioning issues from Okta to Office 365. Resolve these mismatches by using PowerShell to retrieve a list of Office 365 ImmutableIDs for verification.
NOTE: PowerShell is a Microsoft product; contact Microsoft support if assistance is required with PowerShell and the ImmutableID.
Applies To
- Okta Identity Engine (OIE)
- Okta Classic Engine
- Office365 (O365 / M365) provisioning
- Azure/MS PowerShell/Windows machine
- Okta Integration Network (OIN)
Solution
Install the required Microsoft Graph PowerShell SDK module, authenticate with Azure Active Directory, and run commands to retrieve the ImmutableIDs for all users or a specific user.
- Read and install the required software on the machine as described in Microsoft Documentation: Connect with the Microsoft Azure Active Directory Module for Windows PowerShell.
-
Launch PowerShell as an Administrator.
-
Install the Microsoft Graph PowerShell SDK module: Install-Module Microsoft.Graph.
-
Wait for the package to install, then type the following to enter Office 365 admin credentials and connect to Azure Active Directory via PowerShell: Connect-MgGraph -Scopes
User.Read.All. -
Run the following command to get immutableIDs for all users:
Get-MgUser -All | Select-Object DisplayName, UserPrincipalName, OnPremisesImmutableId
-
Run the following command to get the immutableID for a specific user:
Get-MgUser -UserId "user@yourdomain.com" | Select-Object DisplayName, UserPrincipalName, OnPremisesImmutableId
