
Azure AD ImmutableID

Hi,

We are running our MS Azure environment in a hybrid mode, meaning that our on-prem MS AD account GUID should be linked with the MS Azure AD Account ImmutableID attribute.

We are right now discussing if we should further use AD Connect to synchronize on-prem AD accounts to the Azure domain or should we use IAM functionality to generate the AAD account. In the second case it would be easier for us (no process has to wait and look until the AAD account was generated), we could turn off AD Connect but we have to set the ImmutableID attribute right.

Has anybody solved this kind of issue? Any recommendations / feedback / lessons learned?

Thank you 

CU all

Wolfgang

  • Hi Paul,
    Thanks for your fast reply. Just one technical question: If I understood it right, the on-prem AD account GUID will be "translated" and used as the ImmutableID in the Azure account. Only if this is done, the SSO functionality between on-prem AD and Azure will work.

    Right now we found no functionality/parameter in the process of generating an AAD account to set the ImmutableID. Do you know how this has to be done?

    Thanks so much
    CU

    Wolfgang
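
Added example, not part of the original thread: the GUID-to-ImmutableID "translation" mentioned above, plus a check that each cloud account's ImmutableID still matches its on-prem account. It assumes objectGUID is the source anchor, so the ImmutableID is the Base64 of the GUID's 16 bytes in Windows byte order; the function names, users and GUIDs are constructed for illustration.

```python
import base64
import uuid


def guid_to_immutable_id(object_guid: str) -> str:
    # AD stores objectGUID in Windows byte order: the first three fields
    # are little-endian, so use bytes_le rather than bytes.
    return base64.b64encode(uuid.UUID(object_guid).bytes_le).decode("ascii")


def immutable_id_to_guid(immutable_id: str) -> str:
    raw = base64.b64decode(immutable_id, validate=True)
    if len(raw) != 16:
        raise ValueError("ImmutableID does not decode to a 16-byte GUID")
    return str(uuid.UUID(bytes_le=raw))


def find_anchor_mismatches(onprem: dict, cloud: dict) -> list:
    """Compare on-prem GUIDs with cloud ImmutableIDs, keyed by UPN."""
    problems = []
    for upn, guid in sorted(onprem.items()):
        expected = guid_to_immutable_id(guid)
        actual = cloud.get(upn)
        if not actual:
            problems.append((upn, "ImmutableID not set"))
        elif actual != expected:
            try:
                detail = "points at GUID " + immutable_id_to_guid(actual)
            except ValueError:  # also covers invalid Base64
                detail = "not a Base64-encoded GUID"
            problems.append((upn, detail))
    return problems


# Constructed sample data (hypothetical users and GUIDs).
ONPREM = {
    "alice@example.com": "00112233-4455-6677-8899-aabbccddeeff",
    "bob@example.com": "0f1e2d3c-4b5a-6978-8796-a5b4c3d2e1f0",
    "carol@example.com": "12345678-9abc-def0-1234-56789abcdef0",
}
CLOUD = {
    "alice@example.com": guid_to_immutable_id(ONPREM["alice@example.com"]),
    # Encoded from big-endian bytes (wrong order), constructed to show the failure.
    "bob@example.com": base64.b64encode(
        uuid.UUID(ONPREM["bob@example.com"]).bytes).decode("ascii"),
    "carol@example.com": None,
}

if __name__ == "__main__":
    for upn, detail in find_anchor_mismatches(ONPREM, CLOUD):
        print(upn, "->", detail)
```

An account whose ImmutableID decodes to a different GUID, or is empty, will not line up with its on-prem counterpart, so a check like this is worth running before AD Connect is switched off.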