Problem: Get a restored user back into Office 365 sync


A user was deleted in UCS. In office365 the user is locked, loses his groups and is renamed to ZZZ_Deleted.

The restored user is a new one in Office 365 and is not reconnected.


First you can try to reconnect with the script attached to Bug 48641
Direct link to the attachment

You may get an API error using the “-m” option:
“ApiError: Property immutableId is invalid”
-> it's not possible to change the immutableId via the API,
so you have to change it manually:

-> Use Windows PowerShell
## Caution! The immutableId cannot be set via script when the domain is federated, so we have to briefly change it to a managed domain
## It has not been tested what this will cause. Users will not be able to log in until federation is set up again, but it is unclear whether current sessions are ended or whether connected devices will have to reconnect
Set-MsolDomainAuthentication -DomainName "" -Authentication Managed
# maybe wait a minute, otherwise a PowerShell error may occur
# the quote marks around "$null" are essential!
Set-MSOLUser -UserPrincipalName <azureuser-UPN> -ImmutableID "$null"
# activate federation again with the .bat script provided by the o365 wizard for the initial setup
# end PowerShell
# connect the users with the script
./o365_connect_azure_to_ucs_user -c o365domain -p <azureuser-UPN> -u <useruser-uid> -a -m
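
The manual PowerShell steps above with state checks around them, as an added example that is not part of the original article or the Univention script: it polls until the domain reports Managed instead of waiting a fixed minute, and verifies that the ImmutableId is really empty before the connect script is run. The values of $Domain and $Upn are placeholders (assumptions); the cmdlets are from the MSOnline module already used above.

```powershell
# Added example, not from the original article. Placeholder values: replace them.
$Domain = 'example.org'        # placeholder: the federated o365 domain
$Upn    = 'jdoe@example.org'   # placeholder: <azureuser-UPN>

Import-Module MSOnline
Connect-MsolService            # interactive sign-in as a tenant administrator

# Record the state before changing anything, so it can be compared afterwards.
$before = Get-MsolDomain -DomainName $Domain
$user   = Get-MsolUser -UserPrincipalName $Upn
Write-Host "Domain authentication before: $($before.Authentication)"
Write-Host "ImmutableId before          : $($user.ImmutableId)"

if ($before.Authentication -eq 'Federated') {
    # Federated domains reject the ImmutableId change, so switch briefly to Managed.
    Set-MsolDomainAuthentication -DomainName $Domain -Authentication Managed

    # Poll until the change is visible instead of waiting a fixed minute.
    $deadline = (Get-Date).AddMinutes(5)
    while ((Get-MsolDomain -DomainName $Domain).Authentication -ne 'Managed') {
        if ((Get-Date) -gt $deadline) {
            throw "Domain $Domain still not reported as Managed after 5 minutes"
        }
        Start-Sleep -Seconds 10
    }
}

# The quotes are essential: "$null" passes an empty string, a bare $null does not.
Set-MsolUser -UserPrincipalName $Upn -ImmutableId "$null"

# Verify the result before running o365_connect_azure_to_ucs_user with -m.
$after = Get-MsolUser -UserPrincipalName $Upn
if ([string]::IsNullOrEmpty($after.ImmutableId)) {
    Write-Host "ImmutableId cleared for $Upn"
} else {
    throw "ImmutableId is still set for ${Upn}: $($after.ImmutableId)"
}

if ($before.Authentication -eq 'Federated') {
    # Users of this domain cannot log in until federation is restored.
    Write-Warning "Domain $Domain is now Managed. Re-run the federation .bat script from the o365 wizard."
}
```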