- Pause Azure AD Sync by opening Azure AD Connect. You should see this prompt
- Create the user's new AD account. Make sure that the UPN is set correctly and that the proxy address has an entry for SMTP:userprincipalname@domainname.com (this is the primary email address)
- Recover the deleted account under Users -> Deleted Users in the client's Admin portal
- Click on the user then select Restore
- Follow the prompts to set the password. (This won't really matter, as we will be syncing it with an Active Directory account.)
- Wait for the account to restore (depending on the account size, this can take 15 to 45 minutes)
- Run the following from PowerShell on the client's domain controller
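    # On-premises account name and the restored cloud account's UPN
    $ADUser = "username"
    $365User = "username@emaildomainname.com"
    # Base64-encode the AD objectGUID; this is the value used as the ImmutableId
    $guid = (Get-ADUser $ADUser).ObjectGUID
    $immutableID = [System.Convert]::ToBase64String($guid.ToByteArray())
    $immutableID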
- Then connect to Microsoft online
    $credential = Get-Credential
    Connect-MsolService -Credential $credential
    $365User = "Restoreduserprincipalnamecloudonly"
    # Clear the existing ImmutableId, then set it to the value computed from the AD objectGUID
    Set-MsolUser -UserPrincipalName "$365User" -ImmutableId "$null"
    Set-MsolUser -UserPrincipalName "$365User" -ImmutableId $immutableID
- Exit out of Azure AD Connect and run Start-ADSyncSyncCycle -PolicyType Delta
- After a few minutes the account will sync and you should see only one account in active users showing that it is synced to Active Directory.
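
Before resuming sync it is worth confirming that the ImmutableId on the restored cloud account really decodes to the new AD account's objectGUID, because a mismatch is what produces a second, duplicate account. The following is an added example, not part of the original procedure; the function names and the sample GUIDs are made up for illustration, and it runs without any AD or Microsoft 365 connection.

```powershell
# Added example: constructed values only, nothing here talks to AD or the tenant.

function ConvertTo-ImmutableId {
    # Same conversion as the procedure: objectGUID bytes -> Base64 string.
    param([Parameter(Mandatory)][Guid]$ObjectGuid)
    [Convert]::ToBase64String($ObjectGuid.ToByteArray())
}

function ConvertFrom-ImmutableId {
    # Reverse direction: Base64 ImmutableId -> GUID, so it can be compared with AD.
    param([Parameter(Mandatory)][string]$ImmutableId)
    try {
        $bytes = [Convert]::FromBase64String($ImmutableId)
    } catch {
        throw "ImmutableId '$ImmutableId' is not valid Base64."
    }
    if ($bytes.Length -ne 16) {
        throw "ImmutableId decodes to $($bytes.Length) bytes; an objectGUID is 16 bytes."
    }
    [Guid]::new($bytes)
}

function Test-HardMatch {
    # True only when the cloud ImmutableId decodes to exactly this objectGUID.
    param(
        [Parameter(Mandatory)][Guid]$ObjectGuid,
        [string]$CloudImmutableId
    )
    if ([string]::IsNullOrEmpty($CloudImmutableId)) { return $false }
    (ConvertFrom-ImmutableId $CloudImmutableId) -eq $ObjectGuid
}

# Constructed sample GUIDs (hypothetical, not from a real directory).
$newAdGuid = [Guid]'3f2504e0-4f89-41d3-9a0c-0305e82c3301'   # the new AD account
$oldAdGuid = [Guid]'11111111-2222-3333-4444-555555555555'   # the deleted AD account

$staleId = ConvertTo-ImmutableId $oldAdGuid   # value still on the restored cloud user
$fixedId = ConvertTo-ImmutableId $newAdGuid   # value written by the Set-MsolUser step

"Before Set-MsolUser: match = $(Test-HardMatch $newAdGuid $staleId)"
"After  Set-MsolUser: match = $(Test-HardMatch $newAdGuid $fixedId)"
"Empty ImmutableId:   match = $(Test-HardMatch $newAdGuid '')"
```

In the real procedure, the two inputs would be `(Get-ADUser $ADUser).ObjectGUID` and `(Get-MsolUser -UserPrincipalName $365User).ImmutableId`.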
Thanks to https://www.itpromentor.com/soft-vs-hard-match/