176k views
4 votes
How to find immutable id in active directory?

by User Seph, 6.6k points

1 Answer

4 votes

Final answer:

To find an immutable ID in Active Directory, one must use PowerShell or another tool to retrieve the ObjectGUID, which is Active Directory's immutable identifier for objects. This attribute remains constant even if other user details change.

Step-by-step explanation:

To find an immutable ID in Active Directory, one usually needs to access it through a tool that can interact with Active Directory's attributes. Microsoft's Active Directory uses the ObjectGUID as an attribute to uniquely identify objects such as user accounts, which is considered the immutable ID for that object. This ID does not change and remains the same even if the user's information, like the username or other attributes, is modified. Here's how you can retrieve the immutable ID:

1. Use the Active Directory Module for Windows PowerShell.
2. Launch PowerShell as an administrator and then run Import-Module ActiveDirectory to get the necessary cmdlets for Active Directory operations.
3. Execute the command Get-ADUser -Identity 'username' -Properties ObjectGUID, where 'username' is the username of the account you're inquiring about.
4. The output will display various properties of the user's account, including the ObjectGUID, which is the immutable ID.

Alternatively, other tools like ADSI Edit or a simple LDAP query can also fetch the ObjectGUID. It is important to note that in some cloud services and directories, the term immutable ID might be used to refer to a base64-encoded version of the ObjectGUID that is used when synchronizing on-premises Active Directory with cloud services such as Azure AD.
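The relationship between the ObjectGUID and its base64-encoded form described in the answer, as an added example that is not part of the original answer. The helper names ConvertTo-ImmutableId and ConvertFrom-ImmutableId and the sample GUID are constructed for illustration, and 'username' is the answer's placeholder.

```powershell
# Added example: helper names and the sample GUID are constructed for illustration.

function ConvertTo-ImmutableId {
    # Base64-encode the 16 raw bytes of an ObjectGUID.
    # Note: ToByteArray() stores the first three GUID groups little-endian,
    # so the bytes are not simply the hex digits of the string form.
    param([Parameter(Mandatory)][Guid]$ObjectGuid)
    [Convert]::ToBase64String($ObjectGuid.ToByteArray())
}

function ConvertFrom-ImmutableId {
    # Decode a base64 immutable ID back to a GUID so it can be matched
    # against on-premises objects. Rejects anything that is not 16 bytes.
    param([Parameter(Mandatory)][string]$ImmutableId)
    try { $bytes = [Convert]::FromBase64String($ImmutableId) }
    catch { throw "Not valid base64: $ImmutableId" }
    if ($bytes.Length -ne 16) {
        throw "Expected 16 bytes, got $($bytes.Length); not an encoded ObjectGUID."
    }
    [Guid]::new($bytes)
}

# Offline round trip with a constructed GUID (not a real directory object).
$sample  = [Guid]'00112233-4455-6677-8899-aabbccddeeff'
$encoded = ConvertTo-ImmutableId -ObjectGuid $sample
$decoded = ConvertFrom-ImmutableId -ImmutableId $encoded
"{0} -> {1} -> {2}" -f $sample, $encoded, $decoded

# Live lookup, run only where the ActiveDirectory module is installed.
# Replace 'username' with a real account name before running.
if (Get-Module -ListAvailable -Name ActiveDirectory) {
    Import-Module ActiveDirectory
    $user = Get-ADUser -Identity 'username' -Properties ObjectGUID
    [pscustomobject]@{
        SamAccountName = $user.SamAccountName
        ObjectGUID     = $user.ObjectGUID
        ImmutableId    = ConvertTo-ImmutableId -ObjectGuid $user.ObjectGUID
    }
}
```

The decode direction is useful when auditing: a cloud-side value that does not decode to 16 bytes was not derived from an ObjectGUID.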