Get-MsolUser returns null value for ImmutableId attribute #3110
Description
Describe the bug
Hello,
Get-MgUser command doesn't display ImmutableId attribute but I think it should.
It's suposed Get-MgUser is the replacement for Get-MsolUser command, as shown at this page
"Find Azure AD PowerShell and MSOnline cmdlets in Microsoft Graph PowerShell"
https://learn.microsoft.com/en-us/powershell/microsoftgraph/azuread-msoline-cmdlet-map?view=graph-powershell-1.0&pivots=msonline
We have federated users created in O365.
ImmutableId attribute must to be populated in user account in order to create it as federated user in O365.
This attribute have to be sent by the third party SSO for federated users be able to login in O365.
Expected behavior
Command Get-MgUser would have to return ImmutableId attribute value for federated users.
This command would have to return:
PS C:> Get-MgUser -UserId username@federated.domain.edu | Select-Object -Property UserPrincipalName,ImmutableId| fl
UserPrincipalName : username@federated.domain.edu
ImmutableId : 1111111ceeeeeeeeeeeeeeeae8bc699c229999999999802e64bb8d666
How to reproduce
- I'm able to consult ImmutableId attribute for federated users created, using this MSOnline powershell command
PS C:> Get-MsolUser -UserPrincipalName username@federated.domain.edu | Select-Object -Property UserPrincipalName,ImmutableId | fl
UserPrincipalName : username@federated.domain.edu
ImmutableId : 1111111ceeeeeeeeeeeeeeeae8bc699c229999999999802e64bb8d666
- It's impossible to get ImmutableId using this Get-MgUser command because it returns a null value for ImmutableId (but its value exists !!!)
PS C:> Get-MgUser -UserId username@federated.domain.edu | Select-Object -Property UserPrincipalName,ImmutableId| fl
UserPrincipalName : username@federated.domain.edu
ImmutableId
SDK Version
ModuleType Version Name ExportedCommands ---------- ------- ---- ---------------- Script 2.25.0 Microsoft.Graph.Authentication {Add-MgEnvironment, Connect-MgGraph, Disconnect-MgGraph, Get-MgContext...} Script 2.25.0 Microsoft.Graph.Groups {Add-MgGroupDriveListContentTypeCopy, Add-MgGroupDriveListContentTypeCopyFromContentTypeHub, Add-MgGroup Script 2.25.0 Microsoft.Graph.Users {Get-MgUser, Get-MgUserCount, Get-MgUserCreatedObject, Get-MgUserCreatedObjectAsServicePrincipal...}
Latest version known to work for scenario above?
No response
Known Workarounds
No response
Debug output
Click to expand log
```</details>
### Configuration
I've been able to reproduce this issue in two diferent environments:
**Windows Environtment:**
- OS: Windows Server 2016 Standard
- Architecture: x64
- Microsoft.Graph version:
PS C:\Users\Administrator> Get-Module Microsoft.Graph*
ModuleType Version PreRelease Name ExportedCommands
Script 2.24.0 Microsoft.Graph.Authentication {Add-MgEnvironment, Connect-MgGraph, Disconnect-MgGraph, Get-MgContext…}
Script 2.24.0 Microsoft.Graph.Users {Get-MgUser, Get-MgUserCount, Get-MgUserCreatedObject, Get-MgUserCreatedObjectAsServicePrincipal…}
- Powershell version:
PS C:\Users\Administrator> $PSVersionTable
Name Value
PSVersion 5.1.14393.7693
PSEdition Desktop
PSCompatibleVersions {1.0, 2.0, 3.0, 4.0...}
BuildVersion 10.0.14393.7693
CLRVersion 4.0.30319.42000
WSManStackVersion 3.0
PSRemotingProtocolVersion 2.3
SerializationVersion 1.1.0.1
**Linux Environtment:**
- OS: Ubuntu 20.04.6 LTS"
- Architecture: x64
- Microsoft.Graph version:
PS /root> Get-Module Microsoft.Graph.* | Where-Object {$_.Name -like "Microsoft.Graph.*"} | Format-Table Name,Version -AutoSize
Name Version
Microsoft.Graph.Authentication 2.25.0
Microsoft.Graph.Groups 2.25.0
Microsoft.Graph.Users 2.25.0
- Powershell version:
PS /root> $PSVersionTable
Name Value
PSVersion 7.2.11
PSEdition Core
GitCommitId 7.2.11
OS Linux 5.15.0-131-generic #141~20.04.1-Ubuntu SMP Thu Jan 16 18:38:51 UTC 2025
Platform Unix
PSCompatibleVersions {1.0, 2.0, 3.0, 4.0…}
PSRemotingProtocolVersion 2.3
SerializationVersion 1.1.0.1
WSManStackVersion 3.0
### Other information
_No response_