Choose the value returned by the LDAP type question

thanks for making this clear to us, now understand the struggle here.

Thank you for the answer and indeed we can do everything with the DN (in AD).

My use case is as follows: I launch an Azure runbook which performs actions only in Entra ID. A simple example is a "Get-MgUser". As you know, in this case, the DN cannot be used and I must therefore make a request in the on-premise AD to retrieve the UPN and then be able to perform my "Get-MgUser".

We have a lot of actions that are unique to Entra ID and based on the users UPN.

A simple text field that asks for the UPN is subject to the users' "typo" so I need to be sure the UPN entered is existing.

The best solution would probably be to use the "Powershell" question type to directly retrieve the information in Entra ID, but it's not as simple as with LDAP... I would need 2 questions to do that (and so 2 parameters in my script), 1 to request the UPN (Text type) and the second (Powershell type) to execute my query in entra ID based on the UPN entered in question 1. And thus validate that the UPN entered in question 1 is existing.

We had that request from time to time, but we do not understand the reason, cause in the automation you can do all what is needed with the DN.
And we want to prevent the system to get to complex.