Skip to content

Restore Exchange Online user mailbox | Cloud only (Fully Hosted) environment | Article 1#3 | Part 8#23

In the following article, we will review the restore process of the Exchange Online user mailbox. We will demonstrate two options for restoring a deleted Exchange Online User mailbox.

Option 1#2 – Restore the Office 365 user account.

In the current article and the next article, we demonstrate the method of – restoring the Office 365 user account, that was the owner of the deleted User mailbox.

The restore process implemented by using the Active Directory admin center interface.

Option 2#2 – Restore the Soft Deleted Exchange Online user mailbox.

In the article – Restore Exchange Online user mailbox | Cloud only (Fully Hosted) environment | Article 3#3 | Part 10#23, we demonstrate the method of – restoring Soft Deleted Exchange Online mailbox, by restoring the Soft Deleted Exchange Online mailbox (the Opposite way from the previous scenario). The restore process implemented by using a PowerShell command.

The Relevance of the Exchange Online User mailbox restores scenario

The demonstration in the current article is relevant to Office 365 implementation, that
I described as – “Fully hosted” or “cloud Only.”
The meaning of this term is – infrastructure, in which:

  • The “directory services,” are solely provided by the Azure Active Directory.
  • The “mail services,” are solely provided by the Exchange Online infrastructure

In other words, there aren’t any relationships, such as – Directory synchronization, with the
On-Premises environment (On-Premise Active Directory or Exchange on-Premises).

The difference between the two methods of mailbox recovery

Method 1 – Restore the deleted Office 365 user account

In our scenario, we review the process of restoring Exchange Online User mailbox.
The recommended way to restore a Soft Deleted Exchange Online User mailbox is – to restore the Soft Deleted Office 365 user account that associated with the Soft Deleted mailbox.

When using the option of restoring a deleted user account that was the “original owner” of a deleted Exchange Online mailbox, the user account “restore event,” will start a “series of events”. Their final result is – the recovery of the Exchange Online mailbox that associated with the restored Office 365 user account.

The option in which we start the mailbox restore process by – restoring the original user account, have two advantages:

  • The restore process will restore the “original Office 365 user account.” The advantage is that all the user properties, group membership, and other settings will also restore.
  • The process of restoring Office 365 user account, can be implemented by using the web-based Office 365 admin center. All we need to do is – just click on the restore user button, and the rest of the restores process will run automatically.

Overall speaking, most of the time, this is the preferred method for restoring a deleted mailbox.

Restoring an Office 365 user account is the recommended option

Method 2 – Restore the deleted Exchange Online mailbox

The second mailbox restores method begins with – “initializing” the recovery procedure of restoring the Soft Deleted Exchange Online mailbox (vs. the previous method, in which the restore process started by restoring the User account that associated with the Soft Deleted mailbox).

Associatively, this method sounds more logical because the seemingly, definition of our task is – “to restore an Exchange Online mailbox,” and not “User account.”

In reality, this restores method is more complicated because we will need to complete an additional task – the task of creating a NEW user account + associated the NEW user account with the restored Exchange mailbox.

Also, the restore process implemented via PowerShell, and this interface is less user-friendly vs. the previous scenario, in which we use the Office 365 admin web-based interface.

Note: I mention that in our scenario, we will need to complete the additional task of – creating a NEW user account that will associate with the restored mailbox.

Theoretically, we can choose to restore the Soft Deleted Exchange Online mailbox + restore the “original user account” that associated with the Soft Deleted Exchange mailbox.

The problem is that in an Office 365 environment, this option is implemented improperly, and can lead to unwanted results.

In the article: What are the possible options for recovering Exchange Online mailbox? | Part 4#23, I provide more details about this option and the reasons that I don’t recommend using this “mailbox recovery method.”

In Office 365 based environment, the method of “directly” restore the deleted mailbox implemented in the following way:

We will use a PowerShell command that will handle:

  1. The restore process of the Soft Deleted Exchange Online mailbox.
  2. Create a NEW Office 365 user account in the Azure Active Directory.

When using this method, we lose the connection to the “original user account,” that was the previous owner of the restored mailbox.

The “original deleted user account” will continue to be stored in the Azure Active Directory recycle bin, and will be deleted at the end of the of the 30-day period.

The process of restoring Exchange Online mailbox implemented via a PowerShell command named Undo-SoftDeletedMailbox.

Note: In case that the original user account doesn’t exist anymore (Hard deleted), we cannot use the option of the PowerShell command Undo-SoftDeletedMailbox.

In this scenario, we will need to use the PowerShell command New-MailboxRestoreRequest that will enable us to restore the content of the deleted mailbox to another active mailbox.

We will cover this scenario in the article – Restore Exchange Online user mailbox | Cloud only (Fully Hosted) environment | Article 2#3 | Part 9#23

Restore Office 365 User mailbox – scenario description

In our scenario, we will demonstrate the restore process of the following Exchange Online User mailboxes:

  • Angelina
  • Brad

To be able to demonstrate the process of restoring Exchange mailbox by restoring the Office 365 user account that considers as the owner of the Deleted Exchange Online mailbox, we will simulate an event, in which the Office 365 user accounts that are “associated” with each of the Exchange Online mailboxes deleted.

The deletion of the Office 365 accounts, will start a “series of events,” which their result is – the deletion of the Exchange Online mailbox that associated with the Office 365 user account.

The Exchange mailbox restores demonstration, will be implemented by using the two following scenarios:

The Exchange mailbox restore demonstration, will be carried out by using the two following scenarios:

Scenario 1 – Restoring the deleted Office 365 user account

We will restore Angelina’s Exchange mailbox, by restoring the Angelina deleted Office 365 user account (non-direct restore process).

Scenario 2 – Restore the Soft Deleted Exchange Online mailbox

We will restore Brad’s Exchange Online mailbox, by using PowerShell command that will implement the following steps:

  1. Restore the Soft Deleted Exchange Online User mailbox.
  2. Create a NEW Office 365 user account + user password
  3. “Bind” the restored Exchange Online mailbox to the NEW Office 365 user

We will implement this “restore process” by using the PowerShell command Undo-SoftDeletedMailbox

The restore scenarios that will be implemented -03

The “object deletion flow” in Office 365 and Exchange Online base environment

Just a quick reminder of the “deletion flow” in Office 365 and Exchange Online base environment:

  • Step 1#4 and 2#4 – When we delete an Office 365 user account (the user accounts that associated with the user mailbox in our example), the user account, will be “sent” to the Azure Active Directory recycle bin.
  • Also, the Exchange Online license that assigned to the Office 365 user who was deleted will remove.
  • Step 3#4 – Windows Azure Active Directory “inform” (synchronize the information) the Exchange Online infrastructure, about the fact that – Exchange Online license that was assigned the Soft Deleted Office 365 user account removed.
  • Step 4#4 – Thus, Exchange Online will delete the user mailbox that was associated with the Office 365 user account.
  • The deleted Exchange Online user mailbox will be “sent” to the Exchange Online recycle bin, and stay there for 30 days. At the end of the 30-day period, the user mailbox will be deleted permanently (Hard Deleted).
The Office 365 user account that is defined as the ?USER mailbox owner – Deleted - The chain of events

Phase 1#3 – Preparing the User mailbox deletion scenario infrastructure

An important element that we not mentioned up until now is the “additional data” that is “bound” to the user account and the mailbox.

The main question is – even if we successfully manage to restore user account or Exchange Online mailbox, what about the information that was “attached” to the user\mailbox such as – permissions, details, group membership and so on.

For example:

Office 365 user account object properties \ information

Regarding the Office 365 user account that will be deleted and then restored, we would like to verify, what is the data that will restore.

The data that is related to the Windows Azure Active Directory user account is:

  1. User information (telephone number, office address, etc.).
  2. License – the specific Office 365 license that is assigned to the user account
  3. Group membership – the groups in which the user is defined as a member.

Exchange Online mailbox properties \ information

Regarding the Exchange Online mailbox that will be deleted and then restored, we would like to verify, what is the data that will restore.

The data that is related to Exchange Online mailbox is:

  1. The content of the mailbox (E-mail, calendar, etc.).
  2. Mailbox permissions – the permissions that the Exchange Online mailbox owners have on another Exchange Online mailboxes and vice versa.
The elements that we want to verify in our mailbox recovery scenario

The good news is that when we restore Soft Deleted user\mailbox, in an Office 365 based environment, the object fully restored with all the details and the information that was “bound” to the original object before it deleted.

Testing the ability to restore mailbox permissions

In our scenario, we implement the following mailbox permission’s matrix:

  • Bob will have Full Access permissions to Angelina and Brad’s mailboxes.
  • Brad will have Full Access permissions to Bob’s
  • Angelina will have Full Access permissions to Bob’s

After we restore the Soft delete mailboxes, we will verify if these mailbox permissions were kept or not

The mailbox permissions information -02

In the following screenshot, we can see that we have created two Office 365 users accounts: Angelina and Brad.

Preparing the user mailbox deletion scenario infrastructure - Phase 1-5 - 01

We assign Exchange Online license for each of these user accounts, and in the next screenshot, we can see that an Exchange Online mailbox created for each of the user’s account.

Preparing the user mailbox deletion scenario infrastructure - Phase 1-5 - 02

The “Office 365 Test user accounts” user’s properties

Before we delete the Office 365 user accounts, let’s briefly review the properties of these users.

In the following screenshots, we can see the following information:

Angelina is a member of the following groups: Human Resources and IT Help Desk

Preparing the user mailbox deletion scenario infrastructure - Phase 1-5 - 03

This is the information about Angelina Office 365 user account

Preparing the user mailbox deletion scenario infrastructure - Phase 1-5 - 04

Brad is a member of the following groups: Human Resources and IT Help Desk

Preparing the user mailbox deletion scenario infrastructure - Phase 1-5 - 05

This is the information about Brad Office 365 user account

Preparing the user mailbox deletion scenario infrastructure - Phase 1-5 - 06

The “Test user – Exchange Online mailboxes” properties

As mentioned, we have created the following Exchange Online permission’s matrix:

Bob has Full Access permissions to the Angelina + Brad’s mailbox.

Preparing the user mailbox deletion scenario infrastructure - Phase 1-5 - 07

Brad have Full Access permissions on Bob mailbox.

Preparing the user mailbox deletion scenario infrastructure - Phase 1-5 - 08

Angelina has Full Access permissions on Bob mailbox.

Preparing the user mailbox deletion scenario infrastructure - Phase 1-5 - 09

Phase 2#3 – Simulate the event of User mailbox deletion, by deleting the associated Office 365 user accounts

In the section, we will simulate the event of Exchange Online User mailbox deletion.
We will execute the User mailbox “deletion event,” by deleting the Office 365 user accounts, that consider as the “owner” of the particular Exchange Online User mailboxes.

In our scenario, we select the following Office 365 user accounts: Brad and Angelina.

Simulate event of user mailbox deletion -deleting the Office 365 user account mailbox owner -01

When we select the delete button, the following warning message appears:

When you delete users, their data deleted, and their licenses can assign to other users. You can restore deleted users and their data for up to 30 days after you delete them.

Azure Active Directory, inform us that the Office 365 user not permanently deleted, but instead, will be kept over a period of 30 days (Soft Deleted – saved in the Azure Active Directory recycle bin).

Simulate event of user mailbox deletion -deleting the Office 365 user account mailbox owner -02
  • Click on the Close button
Simulate event of user mailbox deletion -deleting the Office 365 user account mailbox owner -03

In the following screenshot, we can see that the Office 365 users account (Bob and Angelina) are
“relocated” and sent to the Azure Active Directory recycle bin.

Simulate event of user mailbox deletion -deleting the Office 365 user account mailbox owner -04

Get information about the soft deleted Exchange Online User mailboxes

In the previous section, we have started a sequence of events, which lead to the deletion of the Exchange Online User mailbox.

The deleted Exchange User mailboxes, consider as “Soft deleted” mailboxes, and they are stored in the Exchange Online recycle bin store.

Exchange Online environment, offer us two options for viewing the “content” of the Exchange Online recycle bin.

Option 1 – using PowerShell

To be able to view the content of the Exchange Online recycle bin, we can use the following PowerShell command:

Get-Mailbox -SoftDeletedMailbox

In the following screenshot, we can see the result.
The Exchange Online recycle bin contains the Bob and Angelina mailboxes.

Get information about the soft deleted Exchange Online user mailboxes -03

Note: The ability to view the content of the Exchange Online recycle bin, is based preliminary step, in which we need to connect Exchange Online using remote PowerShell.

In case that you need instructions regarding the operation of – creating remote PowerShell session to Exchange Online, you can read the article – Connect to Exchange Online PowerShell

Option 2 – using the Exchange Online admin center

The another option that we can use for viewing the content of the Exchange recycle bin is – by using the “Deleted mailboxes” menu in the Exchange Online admin center.

To be able to view the list of Soft Deleted mailboxes, use the following steps:

  • Login to Exchange Online admin page
  • On the left menu bar, select the menu – recipients
  • On the top menu bar, select the menu – mailboxes
  • Click on the three dots icon
  • Select the menu – Deleted mailboxes
Get information about the soft deleted Exchange Online user mailboxes -01

In the following screenshot, we can see the “graphical presentation” of the Soft Deleted mailboxes (the content of the Exchange Online recycle bin).

Notice that the interface includes a menu option named- Recover.
I strongly recommend not using this “recover menu” option because – the results can be unpredictable.

In the article – Restore Exchange Online user mailbox | Cloud only (Fully Hosted) environment | Article 2#3 | Part 9#23, I provide more details about this option and the reasons I recommend don’t using this “mailbox recovery option”.

Get information about the soft deleted Exchange Online user mailboxes -02

In the next article, we will continue to process of restoring Angelina Soft Deleted Exchange Online mailbox by restoring Angelina Office 365 user account.

The next article in the current article series

Restore Exchange Online user mailbox | Cloud only (Fully Hosted) environment | Article 2#3 | Part 9#23

o365info Team

o365info Team

This article was written by our team of experienced IT architects, consultants, and engineers.

This Post Has One Comment

  1. Perfect! Thank you for this article – it allowed me to recover a user’s soft-deleted mailbox contents flawlessly.

Leave a Reply

Your email address will not be published. Required fields are marked *