src/Private/ConvertTo-ImmutableId.ps1
|
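function ConvertTo-ImmutableId {
    <#
    .SYNOPSIS
        Converts an on-premises objectGUID to the default Entra Connect ImmutableId.
    .DESCRIPTION
        The default Entra Connect (Azure AD Connect) sourceAnchor / immutableId is the
        Base64 encoding of the AD objectGUID's raw byte array. This lets us correlate an
        on-prem account to its synced cloud user even when UPNs differ.

        Returns $null for a missing, all-zero (Guid.Empty) or unparseable GUID so callers
        can fall back to UPN matching. The all-zero GUID is rejected because its encoding
        would be the same string for every object that carries it, so matching on it
        could tie an on-prem account to the wrong cloud user.

        NOTE(review): the result only equals the cloud ImmutableId when the tenant's
        source anchor is derived from objectGUID. Where ms-DS-ConsistencyGuid is the
        anchor and holds a different value, the two will not match. Confirm the anchor
        attribute before treating a match as authoritative.
    .PARAMETER ObjectGuid
        A [guid], or any value whose string form [guid]::Parse accepts. A raw byte[]
        is not converted: its string form does not parse, so it yields $null.
    .OUTPUTS
        System.String (Base64), or $null when no usable GUID was supplied.
    #>
    [CmdletBinding()]
    param(
        [Parameter(ValueFromPipeline)]
        [object] $ObjectGuid
    )

    process {
        # Null, empty string and other falsy inputs have no GUID to encode.
        if (-not $ObjectGuid) { return $null }

        try {
            $guid = if ($ObjectGuid -is [guid]) { $ObjectGuid } else { [guid]::Parse([string]$ObjectGuid) }
        }
        catch {
            # Best-effort by design: surface the reason on the verbose stream only.
            Write-Verbose "ConvertTo-ImmutableId: input is not a valid GUID: $($_.Exception.Message)"
            return $null
        }

        # A [guid] object is always truthy, so Guid.Empty passes the check above;
        # reject it explicitly rather than emit a shared, meaningless anchor.
        if ($guid -eq [guid]::Empty) { return $null }

        return [System.Convert]::ToBase64String($guid.ToByteArray())
    }
}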