How to check the Immutable ID/Source Anchor

This article expains how to check which attribute is used as the source anchor for the synchronization between Active Directory and Azure Active Directory.


0 – Install necessary PowerShell Modules, if needed.

Install-Module MSOnline
Import-Module MSOnline

1 – Get User Immutable ID from Azure.

Get-MsolUser -UserPrincipalName [email protected] | select ImmutableID

2 – Convert to GUID Format

[GUID][system.convert]::FromBase64String("User ImmutableID")

3 – Check against AD and check which one is corresponding

$User = Get-ADUser -Identity username -Properties mS-DS-ConsistencyGUID

Azure AD Connect

1 – Go to Azure AD connect server and open Azure AD Connect


2 – Click on Configure


3 – Click on View current configuration then Next


4 – In the Synchronization Settings, look for Source Anchor

2 thoughts on “How to check the Immutable ID/Source Anchor”

  1. Wow! Those PowerShell script snippets were SUPER helpful to me to create a little script that quickly compares a few attributes for a user from the cloud side and the AD side. Awesome!

  2. Thank you so much for the script, It helped to clear confusion around objectGUID

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.