cliv · July 19, 2022 16:49
diff --git a/gistfile1.txt b/gistfile1.txt
 # This generally affects users federated to azuread from gsuite who's email address has changed - You'll still have sync errors
 # but at least the user can still log in.

 # This works in Powershell 7.x on mac as well as windows
 # Requires `Install-Module Microsoft.Graph`

 # Who are we modifying
 $email = "[email protected]"

 # Fix the user
 Connect-MgGraph -Scopes "User.ReadWrite.All"
 $targetDomain = @(Get-MgDomain | Where-Object {$_.AuthenticationType -eq "Managed" -and $_.id -like "*onmicrosoft.com"})[0]
 $tempEmail = $email.split('@')[0] + "@" + $targetDomain.Id
 $targetUser = Get-MgUser -UserId $email 
 Update-MgUser -UserId $targetUser.id -UserPrincipalName $tempEmail
 Update-MgUser -UserId $targetUser.id -OnPremisesImmutableId $email
 Update-MgUser -UserId $targetUser.id -UserPrincipalName $email
	# This generally affects users federated to azuread from gsuite who's email address has changed - You'll still have sync errors
	# but at least the user can still log in.

	# This works in Powershell 7.x on mac as well as windows
	# Requires `Install-Module Microsoft.Graph`

	# Who are we modifying
	$email = "[email protected]"

	# Fix the user
	Connect-MgGraph -Scopes "User.ReadWrite.All"
	$targetDomain = @(Get-MgDomain \| Where-Object {$_.AuthenticationType -eq "Managed" -and $_.id -like "*onmicrosoft.com"})[0]
	$tempEmail = $email.split('@')[0] + "@" + $targetDomain.Id
	$targetUser = Get-MgUser -UserId $email
	Update-MgUser -UserId $targetUser.id -UserPrincipalName $tempEmail
	Update-MgUser -UserId $targetUser.id -OnPremisesImmutableId $email
	Update-MgUser -UserId $targetUser.id -UserPrincipalName $email