Azure AD: User Identities

whgibbo 0 Reputation points
2023-03-01T17:15:43.3333333+00:00

Hi,
I have an app that needs to work with on-premises AD and Azure AD. Currently we are obtaining the logged-in user via a Windows API. The same value can be seen when using command line tools:

  • whoami
  • dsregcmd /status

Now when the user is a pure Azure AD user (i.e. the machine is not joined to on-premises AD and the user only exists in Azure AD) we see the following:

  • whoami - azuread\surnameforename or azuread\forenamesurname
  • dsregcmd /status (Executing Account Name) - azuread\surnameforename or azuread\forenamesurname and the user's email address.

So here are the questions/issues:

  1. I've checked https://learn.microsoft.com/en-us/graph/api/resources/user?view=graph-rest-1.0 and the output of Graph requests and can't see an attribute for this... Am I missing something?
  2. The value here seems to match the displayname with any non-samaccountname characters removed. However, the display name is not unique. When you have 2 users with the same value, you see the second user has the following suffix added: _x1as1of

Any thoughts on this? It seems a little odd.

Thanks

Microsoft Security | Microsoft Entra | Microsoft Entra ID

2 answers

  1. whgibbo 0 Reputation points
    2023-03-06T16:07:22.6466667+00:00

    Did some digging; it seems that Microsoft opted to use the displayname, and it has been like that for 12 years!

    So can't see it changing... :(


  2. Zehui Yao_MSFT 5,881 Reputation points
    2023-03-02T02:25:00+00:00

    Hi @whgibbo, for Microsoft Graph, you can use the GET /users/{id | userPrincipalName} endpoint to get information about users in your AD tenant, and use $select to get the other properties and relationships for the user object. Hope this helps you. Best wishes.

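An added example, not part of the thread and not Microsoft's code: because the local account name is derived from the non-unique display name, an application can key its directory lookup on the second value that dsregcmd /status reports and pass it to the GET /users/{id | userPrincipalName} endpoint with $select. The sample output is constructed, the function names are hypothetical, and treating the reported e-mail address as the userPrincipalName is an assumption.

```python
import re
from urllib.parse import quote

GRAPH_USERS = "https://graph.microsoft.com/v1.0/users"
# Graph user properties requested through $select.
SELECT = ("id", "userPrincipalName", "displayName", "onPremisesSamAccountName")

# Constructed sample, shaped after the question's description of
# "Executing Account Name" (local account name plus e-mail address).
SAMPLE_DSREGCMD = """\
+----------------------------------------------------------------------+
| Diagnostic Data                                                      |
+----------------------------------------------------------------------+
        Executing Account Name : AzureAD\\SmithJohn_x1as1of, john.smith2@contoso.example
"""

def parse_executing_account(dsregcmd_output):
    """Return (local_account, upn) from 'dsregcmd /status' text.
    upn is None when no e-mail-style value follows the account name."""
    m = re.search(r"^\s*Executing Account Name\s*:\s*(.+)$",
                  dsregcmd_output, re.MULTILINE)
    if not m:
        raise ValueError("no 'Executing Account Name' line found")
    parts = [p.strip() for p in m.group(1).split(",")]
    local = parts[0]
    upn = next((p for p in parts[1:]
                if re.fullmatch(r"[^@\s\\]+@[^@\s\\]+", p)), None)
    return local, upn

def graph_user_url(upn):
    """Build GET /users/{userPrincipalName}?$select=... for a UPN."""
    # safe="@" keeps '@' readable and escapes '/', '#', '?' in the key segment.
    return f"{GRAPH_USERS}/{quote(upn, safe='@')}?$select={','.join(SELECT)}"

def resolve(dsregcmd_output):
    """Key the lookup on the UPN; never fall back to the display-name-derived name."""
    local, upn = parse_executing_account(dsregcmd_output)
    if upn is None:
        raise LookupError(f"{local!r} carries no UPN; it is not a unique directory key")
    return graph_user_url(upn)

if __name__ == "__main__":
    print(resolve(SAMPLE_DSREGCMD))
```

The returned URL still has to be requested with an access token that is allowed to read users; storing the returned id gives the application a stable key for later authorization decisions.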