In the following article, we will review the restore process of Exchange Online Shared mailbox.We…
Restore Exchange Online Room mailbox | Cloud only (Fully Hosted) environment | Part 6#23
In the following article, we will review the restore process of the Exchange Online Room mailbox. We will demonstrate two options for restoring a deleted Exchange Online Room mailbox:
- Restore the Office 365 user account, that was the owner of the deleted Room mailbox. The restore process will be implemented by using the Active Directory admin center interface.
- Restore the deleted Room mailbox. The restore process will be implemented by using a PowerShell command.
The Relevance of the Exchange Online User mailbox restores scenario
The demonstration in the current article is relevant to – Office 365 implementation that
I described as – “Fully hosted” or “cloud. Only.”
The meaning of this term is – infrastructure, in which:
- The “directory services,” are solely provided by the Azure Active Directory.
- The “mail services,” are solely provided by the Exchange Online infrastructure
In other words, there aren’t any relationships, such as – Directory synchronization, with the
On-Premises environment (On-Premise Active Directory or Exchange on-premises).
The difference between the two methods of mailbox recovery
Method 1 – Restore the deleted Office 365 user account
In our scenario, we review the process of restoring the Exchange Online Room mailbox.
The recommended way to restore a Soft Deleted Exchange Online User mailbox is – to restore the Soft Deleted Office 365 user account that associated with the Soft Deleted Mailbox.
When using the option of restoring a deleted user account that was the “original owner” of a deleted Exchange Online mailbox, the user account “restore event,” will start a “series of events,” which their end result is – the recovery of the Exchange Online mailbox that associated with the restored Office 365 user account.
The option in which we start the mailbox restore process by – restoring the original user account, have two advantages:
- The restore process will restore the “original Office 365 user account.” The advantage is that all the user properties, group membership, and other settings will also be restored.
- The process of restoring Office 365 user account, can be implemented by using the web-based Office 365 admin center. All we need to do is – just click on the restore user button, and the rest of the restore process will run automatically.
Overall speaking, most of the time, this is the preferred method for restoring a deleted mailbox.
Method 2 – Restore the deleted Exchange Online mailbox
The second mailbox restores method begins with – “initializing” the recovery procedure by restoring the Soft Deleted Exchange Online mailbox (vs. the previous method, in which the restore process started by restoring the User account that associated with the Soft Deleted mailbox).
Associatively, this method sounds more logical because, the seemingly, definition of our task is – “to restore an Exchange Online mailbox,” and not “User account.”
In reality, this restores method is more complicated because we will need to complete an additional task – the task of creating a NEW user account + associated the NEW user account with the restored Exchange mailbox.
Also, the restore process implemented via PowerShell, and this interface is less user-friendly vs. the previous scenario, in which we use the Office 365 admin web-based interface.
General notes – I mention that in our scenario, we will need to complete the additional task of – creating a NEW user account that will associate with the restored mailbox.
Theoretically, we can choose to restore the Soft Deleted Exchange Online mailbox + restore the “original user account” that associated with the Soft Deleted Exchange mailbox.
The problem is that in an Office 365 environment, this option is implemented improperly, and can lead to unwanted results.
In the article: What are the possible options for recovering Exchange Online mailbox? | Part 4#23, I provide more details about this option and the reasons that I don’t recommend using this “mailbox recovery method”.
In Office 365 based environment, the method of “directly” restore the deleted mailbox implemented in the following way:
We will use a PowerShell command that will handle:
- The restore process of the Soft Deleted Exchange Online mailbox.
- Create a NEW Office 365 user account in the Azure Active Directory.
When using this method, we lose the connection to the “original user account,” that was the previous owner of the restored mailbox.
The “original deleted user account” will continue to be stored in the Azure Active Directory recycle bin, and will be deleted at the end of the 30-day period.
The process of restoring Exchange Online mailbox is implemented via a PowerShell command named – Undo-SoftDeletedMailbox.
Note: In case that the original user account doesn’t exist anymore (Hard deleted), we cannot use the option of the PowerShell command – Undo-SoftDeletedMailbox.
In this scenario, we will need to use the PowerShell command
New-MailboxRestoreRequest, that will enable us to restore the content of the deleted mailbox to another active mailbox.
We will cover this scenario in the article – Restoring Exchange Online mailbox content to another mailbox using PowerShell command New-MailboxRestoreRequest | Part 22#23
Restore Office 365 Room mailbox – scenario description
In our scenario, we will demonstrate the restore process of the following Exchange Online Room mailboxes:
- Room-MB01
- Room-MB02
To be able to demonstrate the process of restoring Exchange mailbox by restoring the Office 365 user account that considers as the owner of the Deleted Exchange Online mailbox, we will simulate an event, in which the Office 365 user accounts that are “associated” with each of the Exchange Online mailboxes are deleted.
The deletion of the Office 365 accounts, will start a “series of events,” which their result is – the deletion of the Exchange Online mailbox that associated with the Office 365 user accounts.
The Exchange mailbox restores demonstration, will be implemented by using the two following scenarios:
Scenario 1 – Restoring the deleted Office 365 user account
We will restore Exchange Online Room mailbox named – Room-MB01, by restoring the deleted Office 365 user account, that was the “owner” of the Room-MB01 mailbox (non-direct restore process).
Scenario 2 – Restore the deleted Exchange Online mailbox
We will restore Exchange Online Room mailbox named – Room-MB02, by directly restoring the Exchange Online Shared Mailbox.
The restore process will also deal with the creation of the NEW Office 365 account that will associate with the recovered Exchange Online mailbox.
We will implement this “restore process” by using the PowerShell command:
Undo-SoftDeletedMailbox
The “object deletion flow” in Office 365 and Exchange Online base environment
Just a quick reminder of the “deletion flow” in Office 365 and Exchange Online base environment:
- Step 1#4 and 2#4 – When we delete an Office 365 user account (the user accounts that associated with the Room mailbox in our example), the user account, will be “sent” to the Azure Active Directory recycle bin.
- also, the Exchange Online license that assigned to the Office 365 user who deleted, will be removed.
- Step 3#4 – Windows Azure Active Directory “inform” (synchronize the information) the Exchange Online infrastructure, about the fact that – Azure Active Directory system user account that was the owner of the Room Mailbox deleted.
- Step 4#4 – Thus, Exchange Online will delete the mailbox that associated with the Office 365 user account. The deleted Exchange Online user mailbox will be “sent” to the Exchange Online recycle bin, and stay there for 30 days. At the end of the 30-day period, the user mailbox will be deleted permanently (Hard Deleted).
Note: Another possible scenario, is a scenario in which the Room Mailbox, is directly deleted. In this case, the flow of events occurs the opposite direction.
Exchange Online will inform the Azure Active Directory that a mailbox of Azure Active Directory user account deleted.
The Azure Active Directory will delete the user account that considers as the Exchange Online mailbox owner, and the Azure Active Directory will be kept in the Azure Active Directory recycle bin.
Phase 1#3 – Preparing the Room mailbox deletion scenario infrastructure
In the following screenshot, we can see that we have created two Exchange Online Room mailboxes named – Room-MB01 and Room-MB02.
The reason for using Two-Room mailboxes is because, in the next section, we demonstrate two methods for restoring Exchange Room mailbox.
The Azure Active Directory user account that associated with the Room Mailbox
An Exchange Online Room mailbox must have an “owner” meaning – user account.
When we use Exchange Online for creating a new Room mailbox, Exchange Online informs the Azure Active Directory, about the “New Room mailbox,” and the Azure Active Directory will automatically create a new Office 365 user accounts, that will consider as the mailbox owner.
Phase 2#3 – Simulate the event of Room mailbox deleted by deleting the associated Office 365 user accounts
In the section, we will simulate the event of Exchange Online Room mailbox deletion.
We will execute the Room mailbox deletion event, by deleting the Office 365 user account that considers as the “owner” of the Room mailboxes.
In our scenario, we select the Office 365 user accounts that consider as the owner of Room-MB01 and Room-MB02 and delete them!
When we select the delete button, the following warning message appears:
When you delete users, their data deleted and their licenses can assign to other users. You can restore deleted users and their data for up to 30 days after you delete them.
Azure Active Directory, inform us that the Office 365 user not permanently deleted, but instead, will be kept over a period of 30 days (Soft Deleted – saved in the Azure Active Directory recycle bin).
In the following screenshot, we can see that the Office 365 users accounts are “relocated” and sent to the Azure Active Directory recycle bin.
In the following screenshot, we can see that the Exchange Online Room mailboxes that were “attached” to the Office 365 user accounts, were also deleted! (the resource mailbox list is empty).
Get information about the soft-deleted Exchange Online Room mailboxes
In the previous section, we have started a sequence of events, which lead to the deletion of the Exchange Online Room mailbox.
The deleted Exchange Room mailboxes, consider as – “Soft deleted” mailboxes, and they are stored in the Exchange Online recycle bin store.
Exchange Online environment, offers us two options for viewing the “content” of the Exchange Online recycle bin.
Option 1 – using PowerShell
To be able to view the content of the Exchange Online recycle bin, we can use the following PowerShell command:
Get-Mailbox -SoftDeletedMailbox
In the following screenshot, we can see the result.
The Exchange Online recycle bin contains the Room-MB01 and Room-MB02 mailboxes.
Note – the ability to view the content of the Exchange Online recycle bin using PowerShell command, is based preliminary step, in which we need to connect Exchange Online using remote PowerShell. In case you need instructions on how to create a Remote PowerShell session to Exchange Online, you can read the article – Connect to Exchange Online PowerShell
Option 2 – using the Exchange Online admin center
Another option that we can use for viewing the content of the Exchange recycle bin is – by using the “Deleted mailboxes” menu in the Exchange Online admin center.
To be able to view the list of Soft Deleted mailboxes, use the following steps:
- Login to Exchange Online admin page
- On the left menu bar, select the menu – recipients
- On the top menu bar, choose the menu – mailboxes
- Click on the three dots icon
- Choose the menu – Deleted mailboxes
In the following screenshot, we can see the “graphical presentation” of the Soft Deleted mailboxes (the content of the Exchange Online recycle bin).
Notice that the interface includes a menu option named- Recover.
I strongly recommend not using this “recover menu” option because – the results can be unpredictable.
In the article: What are the possible options for recovering Exchange Online mailbox? | Part 4#23, I provide more details about this option and the reasons that I don’t recommend using this “mailbox recovery method”.
Phase 3#3 – Restore the Soft Deleted Room mailbox
In this section, we will demonstrate two methods for restoring a Soft Deleted Exchange Online Room mailbox.
Scenario 1#2 | Restoring Exchange Online user account (Room mailbox owner) – the flow of events
Before we start with the step by step instructions, a brief review of the “Restore process flow” in Office 365 and Exchange Online base environment.
When we restore a Soft Deleted Exchange Online Room mailbox, by restoring the Room Mailbox user account (the mailbox owner), the following chain of events implemented:
Azure Active Directory infrastructure
- Step 1#4 – The status of the recovered user account, is updated from – Soft Deleted user account to – “Active.”
- Step 2#4 – Azure Active Directory synchronizes the “updated information” to Exchange Online infrastructure.
Exchange Online infrastructure
- Step 3#4 – Exchange Online accepts the up-to-date information and starts a process of recovering the Soft Deleted Room mailbox.
- Step 4#4 – The Room mailbox is recovered, and “associated” with the restored Azure Active Directory user account that was the “original owner” of the Room Mailbox.
In this section, we review how to restore the Office 365 user account; that was the “owner” of the Soft Deleted Room mailbox.
As mentioned, the action of restoring the user account will “trigger” a sequence of events, which end with – restoring the Soft Deleted Exchange Online Room mailbox.
Restoring Azure Active Directory user account using the Office 365 admin center
In our example, we will use the Office 365 admin center web-based interface for restoring the Soft Deleted user account.
Note: Another option of restoring a Soft Deleted Azure Active Directory user account is, by using PowerShell command.
To be able to restore the Office 365 deleted user account, use the following steps:
- Login to the Office 365 admin center.
- On the left menu bar, we select the – Deleted users menu
In our scenario, we choose to restore the deleted Office 365 user account named – Room-MB01
When we restore a Soft Deleted Azure Active Directory user account, we need to decide about the required option of the “user password.”
In our example, the restored user account considers as “system user account” that is managed by Office 365 (no need for a user license, etc.), we will not change the default setting and click on the Restore button.
Note – an Office 365 user account that is “attached” to the Exchange Online Room mailbox, consider as a particular Azure Active Directory user account. This Room mailbox user account doesn’t require a license, and that his password management implemented by the Azure Active Directory.
We will finish the “restore user procedure,” by clicking on the button – Send email and close
Verifying if the Soft Deleted mailbox was successfully restored.
In case that the restore process successfully completed, the following objects should be restored:
- The user account Room-MB01 should appear at the Azure Active Directory admin center, under the section
of Active users. - The mailbox – Room-MB01, should appear in the Exchange Online admin center, under the section
of recipients \ resources.
Active Directory admin center – Active users
In the following screenshot, we can see that Room-MB01 User account, was successfully restored.
Exchange Online admin center – recipients \ resources
In the following screenshot, we can see that Room mailbox – “Room-MB01,” was successfully restored.
Verifying if the Soft Deleted mailbox successfully restored using PowerShell
The restored Room mailbox should be relocated from the Exchange recycle bin store to the “Active mailbox store.”
This step is not necessary, but I would like to embody the concept of this “relocation.”
After we have restored the Room mailbox, we will use the PowerShell command Get-Mailbox -SoftDeletedMailbox again, for viewing that content of the Exchange recycle bin.
In the following screenshot, we can see that before we start the mailbox restore process, the mailbox named – Room-MB01, appears on the list of “Soft Deleted mailboxes.”
After we have completed the mailbox restore process, the “Soft Deleted mailboxes” list, doesn’t contain the name of the Room-MB01 mailbox anymore.
The meaning is that the status of the Room-MB01 mailbox was updated from – “Soft Deleted mailbox,” into “Active Deleted mailbox.”
Scenario 2#2 | “Directly“ restore the Soft deleted Exchange Online mailbox by using the PowerShell Undo-SoftDeletedMailbox
In the following section, we review the process of restoring Soft deleted Exchange Online mailbox (Room mailbox named – Room-MB02) by directly restore the Soft Deleted Room mailbox (vs. the previous scenario, in which we restore the user account that associated with the Soft Deleted Room mailbox).
In this scenario, the restore process of the Soft Deleted Room mailbox will be implemented by using PowerShell command. The PowerShell commands that we use will execute two separate tasks simultaneously:
- Restore the Soft Deleted Room mailbox.
- Create a new Office 365 user account in the Azure Active Directory.
Restoring Exchange Online Room mailbox – the flow of events
When we restore the Soft Deleted Room mailbox, by running the PowerShell command-
Undo-SoftDeletedMailbox, the following flow of events will occur:
Exchange Online infrastructure
- Step 1#4 – The status of the recovered Exchange Online mailbox is updated from – Soft Deleted mailbox into – “Active mailbox.” (the Soft Deleted room mailbox, is relocated from the Exchange recycle bin to – the Exchange Online active mailbox store).
- Step 2#4 – Exchange Online, synchronizes the “updated information” to Azure Active Directory infrastructure.
Azure Active Directory infrastructure
- Step 3#4 – Azure Active Directory get the information about the change in the Exchange Online mailbox status (the fact the that Exchange Online mailbox was recovered).
- Step 4#4 – Azure Active Directory creates a NEW user account, and “bind” the NEW user account to the Exchange Online Room mailbox.
The PowerShell command Undo-SoftDeletedMailbox logic and characters.
Before we start with the specific instructions of – how to use the PowerShell command-
Undo-SoftDeletedMailbox for, restoring Soft Deleted Exchange Online mailbox, I would like to briefly review the syntax and the logic of the Undo-SoftDeletedMailbox command.
In our scenario, we use the PowerShell command – “Undo-SoftDeletedMailbox” for executing two tasks:
- Restoring the Soft deleted Exchange Online mailbox.
- Creating a NEW Azure Active Directory user account.
For this reason, the PowerShell parameters that we need to provide relates to the name of the Soft Deleted Exchange Online mailbox that we want to restore + the parameters that relate to the NEW Azure Active Directory user account that will create.
In the following diagram, we can see the “two parts” of the Undo-SoftDeletedMailbox PowerShell command.
In the first part, we specify the name of the Exchange Online Soft Deleted mailbox that we want to restore (number 1).
In the second part, we need to provide information used for creating the NEW Azure Active Directory user account.
The parameter – WindowsLiveID, utilized for the UPN (User Principal Name) of the new Azure Active Directory user account + as the primary E-mail address (number 2).
Also, each Azure Active Directory user account should have a password. For this reason, the second Azure Active Directory parameter that we need to provide is the user password.
An example of the PowerShell syntax is:
Undo-SoftDeletedMailbox <Name of the Soft Deleted mailbox> -WindowsLiveID <UPN Name + primary E-mail address> -Password (ConvertTo-SecureString -String <‘password‘> -AsPlainText -Force)
Note: The ability restores the Soft Deleted Exchange Online mailbox by using the PowerShell command Undo-SoftDeletedMailbox is based preliminary step, in which we need to connect Exchange Online using remote PowerShell.
In case you need instructions on how to create a Remote PowerShell session to Exchange Online, you can read the article – Connect to Exchange Online PowerShell
Restoring a Soft Deleted Exchange Online Room mailbox by using the PowerShell command – Undo-SoftDeletedMailbox
In our scenario, we will restore a Soft Deleted Exchange Online Room mailbox named-
Room-MB02.
The PowerShell command that we use will:
- Restore the Soft Deleted mailbox (Undo-SoftDeletedMailbox)
- Create a NEW Office 365 user account (WindowsLiveID) with the same name as the name of the Room Mailbox (Room-MB02).
- Set a predefined password of the NEW Office 365 user account (ConvertTo-SecureString)
The PowerShell command syntax that we use in our scenario is:
Undo-SoftDeletedMailbox Room-MB02@o365info.com -WindowsLiveID
Room-MB02@o365info.com -Password (ConvertTo-SecureString -String 'Asd#4R12' -AsPlainText -Force)
In the following screenshot, we can see that the Exchange Online mailbox restore process successfully completed.
Using the Verbose PowerShell parameter.
I have added to the PowerShell restore mailbox command, the parameter – Verbose. Using the Verbose parameter, enable us to get additional information about “what happens behind the scenes.”
In our example, the additional information that we get from using the Verbose parameter is:
VERBOSE: Creating mailbox “Room-MB02” with User Principal Name “Room-MB02@o365info.com” in the organizational unit “EURPR05A001.prod.outlook.com/Microsoft Exchange Hosted Organizations/o365info2.onmicrosoft.com”.
Verify that the Exchange Online room mailbox restore process successfully completed.
In case that the restore process successfully completed, the following objects should be restored:
- The mailbox – Room-MB02, should appear in the Exchange Online admin center, under the section
of recipients \ resources. - The user Room-MB02 should appear in the Azure Active Directory admin center, under the section of Active users.
Exchange Online admin center – recipients \ resources
In the following screenshot, we can see that mailbox – “Room-MB02,” was successfully restored.
Active Directory admin center – Active users
In the following screenshot, we can see that user “Room-MB02,” was successfully restored.
It’s important to emphasize that the “older owner” (the Office 365 user account that was soft deleted) of the Room Mailbox, was not restored!
When we look in the Azure Active Directory – Deleted users section, we can see that the older user account – Room-MB02, still exists.
This user account will automatically delete at the end of the 30-day period.
In case you wonder – how could it be that the Azure Active Directory contains two different user account that has the same name (the name Room-MB02)?
The answer is that the “name,” is not a unique identifier.
In an Active Directory environment, the unique identifiers of each object are the GUID (Globally Unique Identifier).
In other words, the previous owner of the Room mailbox has a different GUID from the “new owner” of the Room mailbox that restored.
The next article in the current article series
Restore Exchange Online Shared mailbox | Cloud only (Fully Hosted) environment | Part 7#23