Skip to content

Restore Exchange Online Shared mailbox | Cloud only (Fully Hosted) environment | Part 7#23

In the following article, we will review the restore process of Exchange Online Shared mailbox.
We will demonstrate two options for restoring a deleted Exchange Online Shared mailbox:

  1. Restore the Office 365 user account, that was the owner of the deleted Shared mailbox. The restore process will be implemented by using the Active Directory admin center interface.
  2. Restore the deleted Shared mailbox. The restore process is implemented by using a PowerShell command.

The Relevance of the Exchange Online User mailbox restores scenario

The demonstration in the current article is relevant to – Office 365 implementation that I described as – “Fully hosted” or “cloud Only.”
The meaning of this term is – infrastructure, in which:

  • The “directory services,” are solely provided by the Azure Active Directory.
  • The “mail services,” are solely provided by the Exchange Online infrastructure

In other words, there aren’t any relationships, such as – Directory synchronization, with the
On-Premises environment (On-Premise Active Directory or Exchange on-Premises).

The difference between the two methods of mailbox recovery

Method 1 – Restore the deleted Office 365 user account

In our scenario, we review the process of restoring Exchange Online Shared mailbox.
The recommended way to restore a Soft Deleted Exchange Online User mailbox is – to restore the Soft Deleted Office 365 user account that associated with the Soft Deleted mailbox.

When using the option of restoring a deleted user account that was the “original owner” of a deleted Exchange Online mailbox, the user account “restore event,” will start a “series of events.” Their result is – the recovery of the Exchange Online mailbox that associated with the restored Office 365 user account.

The option in which we start the mailbox restore process by – restoring the original user account, have two advantages:

  • The restore process will restore the “original Office 365 user account.” The advantage is that all the user properties, group membership, and other settings will also restore.
  • The process of restoring Office 365 user account, can be implemented by using the web-based Office 365 admin center. All we need to do is – just click on the restore user button, and the rest of the restore process will run automatically.

Generally speaking, most of the time, this is the preferred method for restoring a deleted mailbox.

Restoring an Office 365 user account is the recommended option

Method 2 – Restore the deleted Exchange Online mailbox

The second mailbox restores method, begin with – “initializing” the recovery procedure by restoring the Soft Deleted Exchange Online mailbox (vs. the previous method, in which the restore process started by restoring the User account that associated with the Soft Deleted mailbox).

Associatively, this method sounds more logical because, the seemingly, definition of our task is – “to restore an Exchange Online mailbox,” and not “User account.”

In reality, this restores method is more complicated because we will need to complete an additional task – the task of creating a NEW user account + associated the NEW user account with the restored Exchange mailbox.

Also, the restore process implemented via PowerShell, and this interface is less user-friendly vs. the previous scenario, in which we use the Office 365 admin web-based interface.

General note – I mention that in our scenario, we will need to complete the additional task of – creating a NEW user account that will associate with the restored mailbox.

Theoretically, we can choose to restore the Soft Deleted Exchange Online mailbox + restore the “original user account” that associated with the Soft Deleted Exchange mailbox.
The problem is that in an Office 365 environment, this option is implemented improperly, and can lead to unwanted results.

In the article: What are the possible options for recovering Exchange Online mailbox? | Part 4#23, I provide more details about this option and the reasons that I don’t recommend using this “mailbox recovery method.”

In Office 365 based environment, the method of “directly” restore the deleted mailbox implemented in the following way:

In Office 365 based environment, the method of “directly” restore the deleted mailbox performed in the following way:

We will use a PowerShell command that will handle:

  1. The restore process of the Soft Deleted Exchange Online mailbox.
  2. Create a NEW Office 365 user account in the Azure Active Directory.

When using this method, we lose the connection to the “original user account,” that was the previous owner of the restored mailbox.

The “original deleted user account” will continue to be stored in the Azure Active Directory recycle bin, and will be deleted at the end of the of the 30-day period.

The process of restoring Exchange Online mailbox is implemented via a PowerShell command named – Undo-SoftDeletedMailbox.

Note: In case that the original user account doesn’t exist anymore (Hard deleted), we cannot use the option of the PowerShell command – Undo-SoftDeletedMailbox.

In this scenario, we will need to use the PowerShell command New-MailboxRestoreRequest, that will enable us to restore the content of the deleted mailbox to another active mailbox.

We will cover this scenario in the article – Restoring Exchange Online mailbox content to another mailbox using PowerShell command New-MailboxRestoreRequest | Part 22#23

Restore Office 365 Shared mailbox – scenario description

In our scenario, we will demonstrate the restore process of the following Exchange Online Shared mailboxes:

  • SharedMB01
  • Shared-MB02

To be able to demonstrate the process of restoring Exchange mailbox by restoring the Office 365 user account that considers as the owner of the Deleted Exchange Online mailbox, we will simulate an event, in which the Office 365 user accounts that are “associated” with each of the Exchange Online mailboxes are deleted.

The deletion of the Office 365 accounts, will start a “series of events,” which their end result is – the deletion of the Exchange Online mailbox that associated with the Office 365 user accounts.

The Exchange mailbox restores demonstration, will be implemented by using the two following scenarios:

Scenario 1 – Restoring the deleted Office 365 user account

We will restore Exchange Online Shared mailbox named – Shared-MB01, by restoring the deleted Office 365 user account, that was the “owner” of the Shared-MB01 mailbox (non-direct restore process).

Scenario 2 – Restore the deleted Exchange Online mailbox

We will restore Exchange Online Shared mailbox named – Shared-MB02, by directly restoring the Exchange Online Shared mailbox. The restore process will also deal with the creation of the NEW Office 365 account that associated with the recovered Exchange Online mailbox.

We will implement this “restore process” by using the PowerShell command:

Undo-SoftDeletedMailbox

The “object deletion flow” in Office 365 and Exchange Online base environment

Just a quick reminder of the “deletion flow” in Office 365 and Exchange Online base environment:

  • Step 1#4 and 2#4 – When we delete an Office 365 user account (the user accounts that associated with the Shared mailbox in our example), the user account, will be “sent” to the Azure Active Directory recycle bin.
  • Step 3#4 – Windows Azure Active Directory “inform” (synchronize the information) the Exchange Online infrastructure, about the fact that – Azure Active Directory system user account that was the owner of the Shared mailbox deleted.
  • Step 4#4 – Thus, Exchange Online will delete the mailbox that was associated with the Office 365 user account.
  • The deleted Exchange Online mailbox will be “sent” to the Exchange Online recycle bin, and stay there for 30 days. At the end of the 30-day period, the user mailbox will be deleted permanently (Hard Deleted).
Office 365 user accounts connected to the Exchange Online Shared mailbox were deleted - The chain of events

Note: Another possible scenario, is a scenario in which the Shared mailbox, is directly deleted. In this case, the flow of events occurs opposite direction.

Exchange Online will inform the Azure Active Directory that a mailbox of Azure Active Directory user account deleted.

The Azure Active Directory will delete the user account that considers as the Exchange Online mailbox owner, and the Azure Active Directory will be kept in the Azure Active Directory recycle bin.

Phase 1#3 – Preparing the Shared mailbox deletion scenario infrastructure

In the following screenshot, we can see that we have created two Exchange Online Shared mailboxes named – Shared-MB01 and Shared-MB02.

The reason for using two Shared mailboxes is because, in the next section, we demonstrate two methods for restoring Exchange Shared Mailbox.

Restore Office 365 Shared mailbox – scenario description -01

The Azure Active Directory user account that associated with the Shared mailbox

An Exchange Online Shared mailbox must have an “owner” meaning – user account.
When we use Exchange Online for creating a new Shared mailbox, Exchange Online informs the Azure Active Directory, about the “New Shared mailbox,” and the Azure Active Directory will automatically create a new Office 365 user accounts, that will consider as the mailbox owner.

Restore Office 365 Shared mailbox – scenario description -02

Phase 2#3 – Simulate the event of Shared mailbox deletion, by deleting the associated Office 365 user accounts

In the section, we will simulate the event of Exchange Online Shared mailbox deletion.
We will execute the Shared mailbox deletion event, by deleting the Office 365 user account that considers as the “owner” of the Shared mailboxes.

In our scenario, we select the Office 365 user accounts that consider as the owner of Shared-MB01 and Shared-MB02 and delete them!

Simulate event of Shared mailbox deletion -deleting the associated Office 365 user account -01

When we select the delete button, the following warning message appears:

When you delete users, their data deleted and their licenses can assign to other users. You can restore deleted users and their data for up to 30 days after you delete them.

Azure Active Directory, inform us that the Office 365 user not permanently deleted, but instead, will be kept over a period of 30 days (Soft Deleted – saved in the Azure Active Directory recycle bin).

Simulate event of Shared mailbox deletion -deleting the associated Office 365 user account -02

In the following screenshot, we can see that the Office 365 users accounts are “relocated” and sent to the Azure Active Directory recycle bin.

Simulate event of Shared mailbox deletion -deleting the associated Office 365 user account -03

In the following screenshot, we can see that the Exchange Online Shared mailboxes that were “attached” to the Office 365 user accounts, were also deleted! (the resource mailbox list is empty).

Simulate event of Shared mailbox deletion -deleting the associated Office 365 user account -04

Get information about the soft deleted Exchange Online Shared mailboxes

In the previous section, we have started a sequence of events, which lead to the deletion of the Exchange Online Shared mailbox.

The deleted Exchange Shared mailboxes, consider as – “Soft deleted” mailboxes, and they are stored in the Exchange Online recycle bin store.

Exchange Online environment, offer us two options for viewing the “content” of the Exchange Online recycle bin.

Option 1 – using PowerShell

To be able to view the content of the Exchange Online recycle bin, we can use the following PowerShell command:

Get-Mailbox -SoftDeletedMailbox

In the following screenshot, we can see the result.
The Exchange Online recycle bin contains the Shared-MB01 and Shared-MB02 mailboxes.

Get information about the soft deleted Exchange Online Shared mailboxes

Note: The ability to view the content of the Exchange Online recycle bin using PowerShell command, is based preliminary step, in which we need to connect Exchange Online using remote PowerShell.

In case that you need instructions how to create a Remote PowerShell session to Exchange Online, you can read the article – Connect to Exchange Online PowerShell

Option 2 – using the Exchange Online admin center

The another option that we can use for viewing the content of the Exchange recycle bin is – by using the “Deleted mailboxes” menu in the Exchange Online admin center.

To be able to view the list of Soft Deleted mailboxes, use the following steps:

  • Login to Exchange Online admin page
  • On the left menu bar, select the menu – recipients
  • On the top menu bar, choose the menu – mailboxes
  • Click on the three dots icon
  • Choose the menu – Deleted mailboxes
Get information about the soft deleted Exchange Online Shared mailboxes -02

In the following screenshot, we can see the “graphical presentation” of the Soft Deleted mailboxes (the content of the Exchange Online recycle bin).

Notice that the interface includes a menu option named- Recover.
I strongly recommend not using this “recover menu” option because – the results can be unpredictable.

In the article: What are the possible options for recovering Exchange Online mailbox? | Part 4#23, I provide more details about this option and the reasons that I don’t recommend using this “mailbox recovery method”.

Get information about the soft deleted Exchange Online Shared mailboxes -03

Phase 3#3 – Restore the Soft Deleted Shared mailbox

In this section, we will demonstrate two methods for restoring a Soft Deleted Exchange Online Shared mailbox.

Scenario 1#2 | Restoring Exchange Online user account (Shared mailbox owner) – the flow of events

Before we start with the step by step instructions, a brief review of the “Restore process flow” in Office 365 and Exchange Online base environment.

When we restore a Soft Deleted Exchange Online Shared mailbox, by restoring the Shared mailbox user account (the mailbox owner), the following chain of events implemented:

Azure Active Directory infrastructure

  • Step 1#4 – The status of the recovered user account, is updated from – Soft Deleted user account to – “Active.”
  • Step 2#4 – Azure Active Directory synchronizes the “updated information” to Exchange Online infrastructure.

Exchange Online infrastructure

  • Step 3#4 – Exchange Online accepts the up-to-date information and starts a process of recovering the Soft Deleted Shared mailbox.
  • Step 4#4 – The Shared mailbox is recovered, and “associated” with the restored Azure Active Directory user account that was the “original owner” of the Shared mailbox.
Restore the Office 365 user account -activate the process of restoring the Exchange Online Shared mailbox

In this section, we review how to restore the Office 365 user account; that was the “owner” of the Soft Deleted Shared mailbox.

As mentioned, the action of restoring the user account will “trigger” a sequence of events, which end with – restoring the Soft Deleted Exchange Online Shared mailbox.

Restoring Azure Active Directory user account using the Office 365 admin center

In our example, we will use the Office 365 admin center web-based interface for restoring the Soft Deleted user account.

Note: Another option of restoring a Soft Deleted Azure Active Directory user account is, by using PowerShell command.

To be able to restore the Office 365 deleted user account, use the following steps:

In our scenario, we choose to restore the deleted Office 365 user account named –
Shared-MB01

Restore the Soft deleted Exchange Online Shared mailbox - restoring the Office 365 user account -01

When we restore a Soft Deleted Azure Active Directory user account, we need to decide about the required option of the “user password.”

In our example, the restored user account considers as “system user account” that is managed by Office 365 (no need for a user license, etc.), we will not change the default setting and click on the Restore button.

Note: An Office 365 user account that is “attached” to the Exchange Online Shared mailbox, consider as a particular Azure Active Directory user account. This Shared mailbox user account doesn’t require a license, and that the Azure Active Directory responsible for the password management.

Restore the Soft deleted Exchange Online Shared mailbox - restoring the Office 365 user account -02

We will finish the “restore user procedure,” by click on the button – Send email and close

Restore the Soft deleted Exchange Online Shared mailbox - restoring the Office 365 user account -03

Verifying if the Soft Deleted mailbox was successfully restored.

In case that the restore process successfully completed, the following objects should be restored:

  • The user account Shared-MB01 should appear at the Azure Active Directory admin center, under the section of Active users.
  • The mailbox – Shared-MB01, should appear in the Exchange Online admin center, under the section
    of recipients \ resources.

Active Directory admin center – Active users

In the following screenshot, we can see that Shared-MB01 User account, was successfully restored.

Restore the Soft deleted Exchange Online Shared mailbox - restoring the Office 365 user account -04

Exchange Online admin center – recipients \ resources

In the following screenshot, we can see that Shared mailbox – “Shared-MB01,” was successfully restored.

Verifying the status of the restored shared mailbox – Exchange Online admin center -01

Verifying if the Soft Deleted mailbox successfully restored using PowerShell

The restored Shared mailbox should be relocated from the Exchange recycle bin store to the “Active mailbox store.”

This step is not necessary, but I would like to embody the concept of this “relocation.”

After we have restored the Shared mailbox, we will use the PowerShell command Get-Mailbox -SoftDeletedMailbox again, for viewing that content of the Exchange recycle bin.

In the following screenshot, we can see that before we start the mailbox restore process, the mailbox named – Shared-MB01, appears on the list of “Soft Deleted mailboxes.”

After we have completed the mailbox restore process, the “Soft Deleted mailboxes” list, doesn’t contain the name of the Shared-MB01 mailbox anymore.

The meaning is that the status of the Shared-MB01 mailbox was updated from – “Soft Deleted mailbox,” into “Active Deleted mailbox.”

Verifying the status of the restored shared mailbox – using PowerShell -01

Scenario 2#2 | “Directly“ restore the Soft deleted Exchange Online mailbox by using the PowerShell Undo-SoftDeletedMailbox

In the following section, we review the process of restoring Soft deleted Exchange Online mailbox (Shared mailbox named – Shared-MB02) by directly restore the Soft Deleted Shared mailbox (vs. the previous scenario, in which we restore the user account that associated with the Soft Deleted Shared mailbox).

In this scenario, the restore process of the Soft Deleted Shared mailbox implemented by using PowerShell command. The PowerShell command that we use will execute two separate tasks simultaneously:

  1. Restore the Soft Deleted Shared mailbox.
  2. Create new Office 365 user account in the Azure Active Directory.

Restoring Exchange Online Shared mailbox – the flow of events

When we restore the Soft Deleted Shared mailbox, by running the PowerShell command Undo-SoftDeletedMailbox, the following flow of events will occur:

Exchange Online infrastructure

  • Step 1#4 – The status of the recovered Exchange Online mailbox is updated from – Soft Deleted mailbox to – “Active mailbox.” (the Soft Deleted Shared mailbox, is relocated from the Exchange recycle bin to – the Exchange Online active mailbox store).
  • Step 2#4 – Exchange Online, synchronizes the “updated information” to Azure Active Directory infrastructure.

Azure Active Directory infrastructure

  • Step 3#4 – Azure Active Directory get the information about the change in the Exchange Online mailbox status (the fact the that Exchange Online mailbox was recovered).
  • Step 4#4 – Azure Active Directory creates a NEW user account, and “bind” the NEW user account to the Exchange Online Shared mailbox.
Restoring Exchange Online Shared mailbox and creating NEW Office 365 user account

The PowerShell command Undo-SoftDeletedMailbox logic and characters

Before we start with the specific instructions of how to use the PowerShell command Undo-SoftDeletedMailbox for, restoring Soft Deleted Exchange Online mailbox, I would like to review the syntax and the logic of the Undo-SoftDeletedMailbox command.

In our scenario, we use the PowerShell command Undo-SoftDeletedMailbox for executing two tasks:

  1. Restoring the Soft deleted Exchange Online mailbox.
  2. Creating a NEW Azure Active Directory user account.

For this reason, the PowerShell parameters that we need to provide, relate to the name of the Soft Deleted Exchange Online mailbox that we want to restore + the parameters that relate to the NEW Azure Active Directory user account that will create.

In the following diagram, we can see the “two parts” of the Undo-SoftDeletedMailbox PowerShell command.

In the first part, we specify the name of the Exchange Online Soft Deleted mailbox that we want to restore (number 1).

In the second part, we need to provide information that used for creating the NEW Azure Active Directory user account.

The parameter – WindowsLiveID, will use for the UPN (User Principal Name) of the new Azure Active Directory user account + as the primary E-mail address (number 2).

Also, each Azure Active Directory user account should have a password. For this reason, the second Azure Active Directory parameter that we need to provide is the user password.

The syntax of the Undo-SoftDeletedMailbox PowerShell command

An example of the PowerShell syntax is:

Undo-SoftDeletedMailbox -WindowsLiveID -Password (ConvertTo-SecureString -String <‘password‘> -AsPlainText -Force)

Note: The ability restores the Soft Deleted Exchange Online mailbox by using the PowerShell command Undo-SoftDeletedMailbox is based preliminary step, in which we need to connect Exchange Online using remote PowerShell.

In case that you need instructions how to create a Remote PowerShell session to Exchange Online, you can read the article – Connect to Exchange Online PowerShell

Restoring a Soft Deleted Exchange Online Shared mailbox by using the PowerShell command – Undo-SoftDeletedMailbox

In our scenario, we will restore a Soft Deleted Exchange Online Shared mailbox named-
Shared-MB02.

The PowerShell command that we use will

  • Restore the Soft Deleted mailbox (Undo-SoftDeletedMailbox)
  • Create a NEW Office 365 user account (WindowsLiveID) with the same name as the name of the Shared mailbox (Shared-MB02).
  • Set a predefined password of the NEW Office 365 user account (ConvertTo-SecureString)

The PowerShell command syntax that we use in our scenario is:

Undo-SoftDeletedMailbox Shared-MB02@o365info.com -WindowsLiveID
Shared-MB02@o365info.com -Password (ConvertTo-SecureString -String ‘Asd#4R12’ -AsPlainText -Force)

In the following screenshot, we can see that the Exchange Online mailbox restore process successfully completed.

Restore the Soft deleted Exchange Online Shared mailbox using PowerShell - Undo-SoftDeletedMailbox -01

Using the Verbose PowerShell parameter.

I have added to the PowerShell restore mailbox command, the parameter – Verbose.
Using the Verbose parameter, enable us to get additional information about “what happens behind the scenes.”
In our example, the additional information that we get from using the Verbose parameter:

VERBOSE: Creating mailbox “Shared-MB02” with User Principal Name “Shared-MB02@o365info.com” in the organizational unit “EURPR05A001.prod.outlook.com/Microsoft Exchange Hosted Organizations/o365info2.onmicrosoft.com”.

Verify that the Exchange Online Shared mailbox restore process successfully completed.

In case that the restore process successfully completed, the following objects should be restored:

  1. The mailbox – Shared-MB02, should appear in the Exchange Online admin center, under the section
    of recipients \ resources.
  2. The user Shared-MB02 should appear in the Azure Active Directory admin center, under the section of Active users.

Exchange Online admin center – recipients \ resources

In the following screenshot, we can see that mailbox – “Shared-MB02,” was successfully restored.

Restore the Soft deleted Exchange Online Shared mailbox using PowerShell - Undo-SoftDeletedMailbox -02

Active Directory admin center – Active users

In the following screenshot, we can see that user “Shared-MB02,” was successfully restored.

Restore the Soft deleted Exchange Online Room mailbox using PowerShell - Undo-SoftDeletedMailbox -03

It’s important to emphasize that the “older owner” (the Office 365 user account that was soft deleted) of the Shared mailbox, was not restored!

When we look in the Azure Active Directory – Deleted users section, we can see that the older user account – Shared-MB02, still exists.

This user account automatically deleted at the end of the 30-day period.

Restore the Soft deleted Exchange Online Shared mailbox using PowerShell - Undo-SoftDeletedMailbox -04

In case that you wonder – how could it be that the Azure Active Directory contains two different user account that has the same name (the name Shared-MB02)?

The answer is that the “name,” is not a unique identifier.

In an Active Directory environment, the unique identifiers of each object are the GUID (Globally Unique Identifier).

In other words, the previous owner of the Shared mailbox has a different GUID from the “new owner” of the Shared mailbox that restored.

The next article in the current article series

Restore Exchange Online user mailbox | Cloud only (Fully Hosted) environment | Article 1#3 | Part 8#23

o365info Team

o365info Team

This article was written by our team of experienced IT architects, consultants, and engineers.