Hello @Kim3 Chris ,
This is because Office 365 lacks the ImmutableID. More information on Soft-match/Hard-match can be found here.
Steps to perform hard-match:
1.Launch the PowerShell window on a server where you have AD management tools installed and run.
Import-Module ActiveDirectory
Please read this article to install the PowerShell Active Directory module.
2.Find the ObjectGUID of the user account by running the command
Get-ADUser -Identity “user logon name” -Server “domain controller name”
3.Convert the Active Directory ObjectGUID value to Base64 value. The simplest method is to use this website http://guid-convert.appspot.com/
4.Connect to Azure Active Directory to update the new ImmuatbleID.
- Install the MSOnline module
Install-Module -Name MSonline
- Connect to Azure Active Directory and provide your Office 365 admin credentials.
Connect-MSOLService
- Check if ImmutableID is missing for the affected user through below command. Replace <user@keyman .tld> with user's UPN.
Get-MsolUser --UserPrincipalName <user@domain.tld> | select ImmutableID
- Now execute the below command to update the ImmutableID that was converted in step 3.
Set-MsolUser -UserPrincipalName user@contoso.com -ImmutableId <immutableID>
- Then either manually run a delta sync on your Azure AD Connect server or wait for the scheduled sync cycle to complete.
Thanks,
Echo Du
=======================
If an Answer is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.