Query Fails in Azure

I want to generate a report on how Sensitivity Labels are being applied on my tenant.
I want the report to be by the Department, but for that I need to join 2 tables. Because, IdentityInfo, the table that stores info about the Users, is not static, and can have multiple duplicate entries. And the table which contains the information about Sensitivity Labels has only the User Id.

The UserId can have either the UPN or the Mail Address of the user. So, I have to use a join to figure out a way to get this data.

let resulttable = IdentityInfo
| where TimeGenerated > ago(90d)
| where UserType == "Member"
| where MailAddress has_any ("xyz.com","subdomain.xyz.com")
| where MailAddress !startswith ("QWERTY") or  AccountUPN !startswith "QWERTY"
| distinct MailAddress,AccountUPN,Department;

resulttable 
| project MailAddress,AccountUPN,Department
| datatable(MailAddress: string, AccountUPN:string,Department:string)

MicrosoftPurviewInformationProtection
| join kind = inner (resulttable) on $left.UserId == $right.AccountUPN or $left.UserId == $right.MailAddress 
| where Operation in~ ("SensitivityLabelApplied",
    "FileSensitivityLabelApplied",
    "FileSensitivityLabelChanged",
    "SensitivityLabelUpdated",
    "SiteSensitivityLabelApplied",
    "SiteSensitivityLabelChanged")
| extend ProcessName= tostring(Common.ProcessName)
| extend Apps = strcat(Application,ProcessName)
| project Id,TimeGenerated,SensitivityLabelId,UserId,Apps,Workload,Operation,Department

Now the issues I am facing

1. I am not able to temporarily store the info in resulttable. I do not know if it is a syntax error or if I am missing something.
2. I want to run the second half of the query for lets say a thirty day time frame,but since my first half of the query is for 90 days, it won’t let me change it to 30 days in the second half, because both the columns are called TimeGenerated, I think.