Force delete Microsoft 365 mailbox with PowerShell

You get an error when you force delete a Microsoft 365 mailbox from the recycle bin with Exchange Online PowerShell. The problem is that most hard deleted mailboxes are not entirely correctly removed. This article will show you how to permanently force delete user, shared, room, and equipment mailbox with PowerShell.

Table of contents

Force hard delete Microsoft 365 mailbox error

Let’s look at how the force hard delete mailbox error appears with PowerShell.

Note: Before permanently deleting any mailbox, you must soft delete it to find it in the Microsoft Entra ID recycle bin.

In our example, we have soft deleted all types of mailboxes, and we want to delete them permanently from the recycle bin.

  1. Start Windows PowerShell as administrator and run the cmdlet Connect-ExchangeOnline to Connect to Exchange Online PowerShell.
Connect-ExchangeOnline
  1. Sign in with your credentials.
  1. Run the below command to get a list of all the soft deleted mailboxes with PowerShell.
Get-Mailbox -SoftDeletedMailbox
  1. The PowerShell output result is shown below.
Name                      Alias           Database            ProhibitSendQuota    ExternalDirectoryObjectId           
----                      -----           --------            -----------------    -------------------------           
Melissa Kelly             Melissa.Kelly   EURPR02DG235-db031  99 GB (106,300,44... 3c790bcf-48d2-44f7-b1f7-e06c18bbe097
Projector 11              Projector11     EURPR02DG257-db113  49.5 GB (53,150,2... 2c849a06-2d71-48ca-b35e-21c894b93072
EquipmentTest             EquipmentTest   EURPR02DG506-db110  49.5 GB (53,150,2... 3745e1c5-8764-4f75-914a-46f69ffeb20d
Info Box3                 InfoBox3        EURPR02DG493-db376  49.5 GB (53,150,2... bb7fd29a-ec5a-407f-aaf4-34ce4bbc97ea
Projector 21              Projector21     EURPR02DG202-db028  49.5 GB (53,150,2... 628cd9d3-3994-4469-8794-f089396bae40
c474ceb9-a536-4526-83d... Amanda.Hansen   EURPR02DG180-db069  49.5 GB (53,150,2... c474ceb9-a536-4526-83db-8c72ed1604a8
Julia Wood                Julia           EURPR02DG528-db077  99 GB (106,300,44... 99df7b19-ab34-4bc2-8d69-d7de1382cbee
Info Box                  InfoBox         EURPR02DG504-db416  49.5 GB (53,150,2... bd8a36bd-cd76-4e69-8162-f700e268ee79
  1. The PowerShell syntax below will show an error for all mailbox types (user, shared, room, and equipment), and it will not remove the hard deleted mailboxes from this list.
Get-Mailbox -Identity "user@domain.com" | Remove-Mailbox -PermanentlyDelete -Force -Confirm:$false
  1. This is what it looks like in the PowerShell output.
Write-ErrorMessage : Ex6F9304|Microsoft.Exchange.Configuration.Tasks.ManagementObjectNotFoundException|The operation couldn't be performed because object 'Julia.Wood@m365info.com' couldn't 
be found on 'HE1PR02A11DC002.EURPR02A011.PROD.OUTLOOK.COM'.
At C:\Users\AppData\Local\Temp\tmpEXO_01jl4f0q.nce\tmpEXO_01jl4f0q.nce.psm1:1121 char:13
+             Write-ErrorMessage $ErrorObject
+             ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [Get-Mailbox], ManagementObjectNotFoundException
    + FullyQualifiedErrorId : [Server=AM9PR02MB7203,RequestId=cc70c628-35c2-74ca-45ad-6df02e5db1ba,TimeStamp=Wed, 15 Mar 2023 22:59:05 GMT],Write-ErrorMessage

Why do we get the error when we want to delete the mailbox permanently with PowerShell?

Let’s take a look at the solution in the next step.

Solution permanently force delete Microsoft 365 mailbox with PowerShell

The solution to force delete any mailbox with PowerShell is to hard delete it first and then permanently remove it. Follow the steps below to see how you can hard delete a mailbox with PowerShell without an error.

1. Connect to Microsoft Graph PowerShell

Before you start, you must install the Microsoft Graph PowerShell module, including the Microsoft Graph Beta module.

  1. Run the below commands to install both modules.
Install-Module Microsoft.Graph -Force
Install-Module Microsoft.Graph.Beta -AllowClobber -Force

Important: Always install the Microsoft Graph PowerShell and Microsoft Graph Beta PowerShell modules. That’s because some cmdlets are not yet available in the final version and will not work. Update both modules to the latest version before you run a cmdlet or script to prevent errors and incorrect results.

  1. Start Windows PowerShell as administrator and Connect to Microsoft Graph PowerShell.
  2. Run the Connect-MgGraph cmdlet with permissions.
Connect-MgGraph -Scopes "User.Read.All", "User.ReadWrite.All", "Directory.AccessAsUser.All", "Directory.ReadWrite.All"
  1. Fill in the administrator credentials and sign in.
  2. Enable Consent on behalf of your organization.
  3. Click Accept.
Force delete mailbox error with PowerShell sign in permission

2. Display all soft deleted mailboxes

Before we can hard delete a single mailbox, we need the information value of the parameter -ObjectId.

We will display a list of all soft deleted mailboxes from the Microsoft Entra ID recycle bin. Create a temp folder in your (C:) drive if you don’t have one. The below script will show the list in a grid view and save the CSV file to the temp folder.

Run the below PowerShell script to get all soft deleted mailboxes.

# Retrieve deleted directory items
$DeletedItems = Get-MgDirectoryDeletedItem -DirectoryObjectId Microsoft.Graph.User -Property 'Id', 'displayName', 'deletedDateTime', 'userType'

# Check if there are no deleted accounts
if ($DeletedItems.AdditionalProperties['value'].count -eq 0) {
    Write-Host "No deleted accounts found - exiting"
}
else {
    # Create an array to store the report
    $Report = @()

    # Loop through the deleted items
    foreach ($Item in $DeletedItems.AdditionalProperties['value']) {
        $DeletedDate = Get-Date($Item['deletedDateTime'])
        $DaysSinceDeletion = (New-TimeSpan $DeletedDate).Days

        # Create a custom object for each item and add it to the report
        $ReportLine = [PSCustomObject]@{
            ObjectId              = $Item['id']
            Name                  = $Item['displayName']
            Deleted               = $DeletedDate
            'Days Since Deletion' = $DaysSinceDeletion
            Type                  = $Item['userType']
        }
        $Report += $ReportLine
    }

    # Sort and export the report by 'Days Since Deletion'
    $Report | Sort-Object 'Days Since Deletion' | select ObjectId, Name, Deleted, 'Days Since Deletion' | Out-GridView
    $Report | Sort-Object 'Days Since Deletion' | Export-CSV -Encoding UTF8 -NoTypeInformation "C:\temp\DeletedUsers.csv"
}

The Out-GridView appears after the script finishes. You will find the CSV file in the C:\temp folder. Open the CSV file with an application like Microsoft Excel to see the results.

All soft deleted users export to CSV file

3. Hard delete mailbox with PowerShell

This above list will only display the soft deleted mailboxes, as seen in the Microsoft Entra ID recycle bin. In our example, we want to hard delete the user mailbox of Julia Wood, so we need to copy and use the -ObjectId.

We must use the Remove-MgDirectoryDeletedItem cmdlet to delete a recently deleted Microsoft Entra ID account.

Note: Once you hard delete a user, there is no opportunity to restore this user or any data associated with that user.

See the below PowerShell syntax to hard delete a user mailbox.

Remove-MgDirectoryDeletedItem -DirectoryObjectId "Object ID"

Run the below PowerShell example.

Remove-MgDirectoryDeletedItem -DirectoryObjectId "99df7b19-ab34-4bc2-8d69-d7de1382cbee"

It will automatically delete the user mailbox permanently.

4. Check soft deleted mailbox removed from recycle bin

After running one of the above commands, we can check if the deleted user is not in the Microsoft Entra ID recycle bin list.

Run the below PowerShell command.

Get-Mailbox -SoftDeletedMailbox | ft

Note: Wait a few minutes before you run the PowerShell command Get-Mailbox -SoftDeletedMailbox to see the correct results. It can take some time before the changes populate on the Exchange Online servers.

The PowerShell output result displays the soft and hard deleted mailboxes.

Name                      Alias           Database            ProhibitSendQuota    ExternalDirectoryObjectId
----                      -----           --------            -----------------    ------------------------- 
Melissa Kelly             Melissa.Kelly   EURPR02DG235-db031  99 GB (106,300,44... 3c790bcf-48d2-44f7-b1f7-e06c18bbe097
Projector 11              Projector11     EURPR02DG257-db113  49.5 GB (53,150,2... 2c849a06-2d71-48ca-b35e-21c894b93072
EquipmentTest             EquipmentTest   EURPR02DG506-db110  49.5 GB (53,150,2... 3745e1c5-8764-4f75-914a-46f69ffeb20d
Info Box3                 InfoBox3        EURPR02DG493-db376  49.5 GB (53,150,2... bb7fd29a-ec5a-407f-aaf4-34ce4bbc97ea
Projector 21              Projector21     EURPR02DG202-db028  49.5 GB (53,150,2... 628cd9d3-3994-4469-8794-f089396bae40
c474ceb9-a536-4526-83d... Amanda.Hansen   EURPR02DG180-db069  49.5 GB (53,150,2... c474ceb9-a536-4526-83db-8c72ed1604a8
Julia Wood                Julia           EURPR02DG528-db077  99 GB (106,300,44... 
Info Box                  InfoBox         EURPR02DG504-db416  49.5 GB (53,150,2... bd8a36bd-cd76-4e69-8162-f700e268ee79

Check if the ExternalDirectoryObjectId for the hard deleted mailbox is empty. In our example, Julia Wood has no ExternalDirectoryObjectId value, meaning the user mailbox is hard deleted.

Note: Suppose you already hard deleted a mailbox from the Microsoft Entra ID recycle bin before, and you might still find it in the soft deleted mailbox list. The only difference is that the mailbox is without an ExternalDirectoryObjectId.

It means the mailbox is not deleted permanently because you must complete one last step.

5. Permanently force delete Microsoft 365 mailbox with PowerShell

The last step is to delete the mailbox without an ExternalDirectoryObjectId from this soft deleted mailbox list.

Force hard delete any mailbox type with the below PowerShell syntax.

Get-Mailbox -Identity "user@domain.com" -SoftDeletedMailbox | Remove-Mailbox -PermanentlyDelete -Force -Confirm:$false

Run the PowerShell command example to delete a mailbox permanently.

Get-Mailbox -Identity "Julia.Wood@m365info.com" -SoftDeletedMailbox | Remove-Mailbox -PermanentlyDelete -Force -Confirm:$false

You successfully force deleted a mailbox with PowerShell without an error.

Verify Microsoft 365 mailbox deleted permanently

To verify that you removed the mailbox permanently, you must wait a minute before running the below cmdlet.

Run the below PowerShell command to display a list of all soft deleted mailboxes.

Get-Mailbox -SoftDeletedMailbox

Check if the hard deleted mailbox is on the list. For example, if you permanently deleted the user mailbox Julia.Wood@m365info.com, you should not find it in this list anymore.

The PowerShell output looks like this.

Name                      Alias           Database            ProhibitSendQuota    ExternalDirectoryObjectId
----                      -----           --------            -----------------    -------------------------
Melissa Kelly             Melissa.Kelly   EURPR02DG235-db031  99 GB (106,300,44... 3c790bcf-48d2-44f7-b1f7-e06c18bbe097
Projector 11              Projector11     EURPR02DG257-db113  49.5 GB (53,150,2... 2c849a06-2d71-48ca-b35e-21c894b93072
EquipmentTest             EquipmentTest   EURPR02DG506-db110  49.5 GB (53,150,2... 3745e1c5-8764-4f75-914a-46f69ffeb20d
Info Box3                 InfoBox3        EURPR02DG493-db376  49.5 GB (53,150,2... bb7fd29a-ec5a-407f-aaf4-34ce4bbc97ea
Projector 21              Projector21     EURPR02DG202-db028  49.5 GB (53,150,2... 628cd9d3-3994-4469-8794-f089396bae40
c474ceb9-a536-4526-83d... Amanda.Hansen   EURPR02DG180-db069  49.5 GB (53,150,2... c474ceb9-a536-4526-83db-8c72ed1604a8
Info Box                  InfoBox         EURPR02DG504-db416  49.5 GB (53,150,2... bd8a36bd-cd76-4e69-8162-f700e268ee79

Now you can permanently force delete every mailbox you already hard deleted from the Microsoft Entra ID recycle bin.

Did this help you to solve your force delete mailbox error with PowerShell?

Read more: Manage Microsoft 365 users recycle bin »

Conclusion

You learned to force delete Microsoft 365 mailbox with PowerShell. The solution to this error is to connect to Microsoft Graph PowerShell to hard delete the mailbox. After that, you need to force delete the mailbox permanently with Exchange Online PowerShell.

Did you enjoy this article? You may also like Manage Office 365 Shared Mailbox with PowerShell. Don’t forget to follow us and share this article.

o365info Team

o365info Team

This article was written by our team of experienced IT architects, consultants, and engineers.

X Twitter

What Others Are Reading

This Post Has 4 Comments

  1. Will this work with recently unlicensed mailboxes that I don’t want to wait 30 days to delete?

    Reply

  2. Hello,

    thank you very much for your article. Provided with the commands to use here, I did do things a bit differently, which I’m going to share because it might be a bit more straight-forward.
    I started playing around with the commands a bit first, so I could be careful.

    On one of the first commands listed here:
    Get-Mailbox -Identity “user@domain.com” | Remove-Mailbox -PermanentlyDelete …
    The reason an error comes up that the mailbox can’t be found, is because it’s searching the list of non soft-deleted mailboxes. This happened to me too at first. To do Get-Mailbox on a soft-deleted mailbox, you also have to add the -SoftDeletedMailbox parameter.

    At this point it will try to remove the soft-deleted Mailbox:
    Get-Mailbox -SoftDeletedMailbox “mailbox” | Remove-Mailbox -PermanentlyDelete
    Now another error will come up, as you also went into. There is still a user account connected to this mailbox; the account shown in ExternalDirectoryObjectId of the mailbox, which is a soft-deleted user in Azure AD.
    This is what I wanted to share: you can just list & delete these soft deleted users in the Azure/Entra web portal, by going to Users -> Deleted Users in the left menu, or by going to https://entra.microsoft.com/#view/Microsoft_AAD_UsersAndTenants/UserManagementMenuBlade/~/DeletedUsers/menuId/DeletedUsers

    This can skip steps 1-3 in the article, and continuing on step 4 you can verify that ExternalDirectoryObjectId for the mailbox is empty, and it can be removed.
    Just found it easier for me to do this way. Thank you again for the article.

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *