We will demonstrate two options for restoring a deleted Exchange Online User mailbox.
Restore Exchange mailbox | Article Series table of content | Click to expand
Restore Exchange Online deleted mailbox | Article Series
Option 1#2 – Restore the Office 365 user account.
In the current article and the next article, we demonstrate the method of – restoring the Office 365 user account, that was the owner of the deleted User mailbox.
The restore process implemented by using the Active Directory admin center interface.
Option 2#2 – Restore the Soft Deleted Exchange Online user mailbox.
In the article – Restore Exchange Online user mailbox | Cloud only (Fully Hosted) environment | Article 3#3 | Part 10#23, we demonstrate the method of – restoring Soft Deleted Exchange Online mailbox, by restoring the Soft Deleted Exchange Online mailbox (the Opposite way from the former scenario). The restore process implemented by using a PowerShell command.
The Relevance of the Exchange Online User mailbox restores scenario
The demonstration in the current article is relevant to Office 365 implementation, that
I described as – “Fully hosted” or “cloud Only.”
The meaning of this term is – infrastructure, in which:
- The “directory services,” are solely provided by the Azure Active Directory.
- The “mail services,” are solely provided by the Exchange Online infrastructure
In other words, there aren’t any relationships, such as – Directory synchronization, with the
On-Premises environment (On-Premise Active Directory or Exchange on-Premises).
The difference between the two methods of mailbox recovery
Method 1 – Restore the deleted Office 365 user account
In our scenario, we review the process of restoring Exchange Online User mailbox.
The recommended way to restore a Soft Deleted Exchange Online User mailbox is – to restore the Soft Deleted Office 365 user account that associated with the Soft Deleted mailbox.
When using the option of restoring a deleted user account that was the “original owner” of a deleted Exchange Online mailbox, the user account “restore event,” will start a “series of events”. Their final result is – the recovery of the Exchange Online mailbox that associated with the restored Office 365 user account.
The option in which we start the mailbox restore process by – restoring the original user account, have two advantages:
- The restore process will restore the “original Office 365 user account.” The advantage is that all the user properties, group membership, and other settings will also restore.
- The process of restoring Office 365 user account, can be implemented by using the web-based Office 365 admin center. All we need to do is – just click on the restore user button, and the rest of the restores process will run automatically.
Overall speaking, most of the time, this is the preferred method for restoring a deleted mailbox.
Method 2 – Restore the deleted Exchange Online mailbox
The second mailbox restores method begins with – “initializing” the recovery procedure of restoring the Soft Deleted Exchange Online mailbox (versus the former method, in which the restore process started by restoring the User account that associated with the Soft Deleted mailbox).
Associatively, this method sounds more logical because, the seemingly, definition of our task is – “to restore an Exchange Online mailbox,” and not “User account.”
In reality, this restores method is more complicated because we will need to complete an additional task – the task of creating a NEW user account + associated the NEW user account with the restored Exchange mailbox.
Also, the restore process implemented via PowerShell, and this interface is less user-friendly versus the former scenario, in which we use the Office 365 admin web-based interface.
Theoretically, we can choose to restore the Soft Deleted Exchange Online mailbox + restore the “original user account” that associated with the Soft Deleted Exchange mailbox.
The problem is that in an Office 365 environment, this option is implemented improperly, and can lead to unwanted results.
In Office 365 based environment, the method of “directly” restore the deleted mailbox implemented in the following way:
We will use a PowerShell command that will handle:
- The restore process of the Soft Deleted Exchange Online mailbox.
- Create a NEW Office 365 user account in the Azure Active Directory.
When using this method, we lose the connection to the “original user account,” that was the former owner of the restored mailbox.
The “original deleted user account” will continue to be stored in the Azure Active Directory recycle bin, and will be deleted at the end of the of the 30-day period.
The process of restoring Exchange Online mailbox implemented via a PowerShell command named – Undo-SoftDeletedMailbox.
Note – in case that the original user account doesn’t exist anymore (Hard deleted), we cannot use the option of the PowerShell command – Undo-SoftDeletedMailbox.
In this scenario, we will need to use the PowerShell command
New-MailboxRestoreRequest that will enable us to restore the content of the deleted mailbox to another active mailbox.
Restore Office 365 User mailbox – scenario description
In our scenario, we will demonstrate the restore process of the following Exchange Online User mailboxes:
To be able to demonstrate the process of restoring Exchange mailbox by restoring the Office 365 user account that considers as the owner of the Deleted Exchange Online mailbox, we will simulate an event, in which the Office 365 user accounts that are “associated” with each of the Exchange Online mailboxes deleted.
The deletion of the Office 365 accounts, will start a “series of events,” which their result is – the deletion of the Exchange Online mailbox that associated with the Office 365 user account.
The Exchange mailbox restores demonstration, will be implemented by using the two following scenarios:
The Exchange mailbox restore demonstration, will be carried out by using the two following scenarios:
Scenario 1 – Restoring the deleted Office 365 user account
We will restore Angelina’s Exchange mailbox, by restoring the Angelina deleted Office 365 user account (non-direct restore process).
Scenario 2 – Restore the Soft Deleted Exchange Online mailbox
We will restore Brad’s Exchange Online mailbox, by using PowerShell command that will implement the following steps:
- Restore the Soft Deleted Exchange Online User mailbox.
- Create a NEW Office 365 user account + user password
- “Bind” the restored Exchange Online mailbox to the NEW Office 365 user
We will implement this “restore process” by using the PowerShell command- Undo-SoftDeletedMailbox
The “object deletion flow” in Office 365 and Exchange Online base environment
Just a quick reminder of the “deletion flow” in Office 365 and Exchange Online base environment:
- Step 1#4 and 2#4 – When we delete an Office 365 user account (the user accounts that associated with the user mailbox in our example), the user account, will be “sent” to the Azure Active Directory recycle bin.
- Also, the Exchange Online license that assigned to the Office 365 user who was deleted will remove.
- Step 3#4 – Windows Azure Active Directory “inform” (synchronize the information) the Exchange Online infrastructure, about the fact that – Exchange Online license that was assigned the Soft Deleted Office 365 user account removed.
- Step 4#4 – Thus, Exchange Online will delete the user mailbox that was associated with the Office 365 user account.
- The deleted Exchange Online user mailbox will be “sent” to the Exchange Online recycle bin, and stay there for 30 days. At the end of the 30-day period, the user mailbox will be deleted permanently (Hard Deleted).
Phase 1#3 – Preparing the User mailbox deletion scenario infrastructure
An important element that we not mentioned up until now is the “additional data” that is “bound” to the user account and the mailbox.
The main question is – even if we successfully manage to restore user account or Exchange Online mailbox, what about the information that was “attached” to the user\mailbox such as – permissions, details, group membership and so on.
Office 365 user account object properties \ information
Regarding the Office 365 user account that will be deleted and then restored, we would like to verify, what is the data that will restore.
The data that is related to the Windows Azure Active Directory user account is:
- User information (telephone number, office address, etc.).
- License – the specific Office 365 license that is assigned to the user account
- Group membership – the groups in which the user is defined as a member.
Exchange Online mailbox properties \ information
Regarding the Exchange Online mailbox that will be deleted and then restored, we would like to verify, what is the data that will restore.
The data that is related to Exchange Online mailbox is:
- The content of the mailbox (E-mail, calendar, etc.).
- Mailbox permissions – the permissions that the Exchange Online mailbox owners have on another Exchange Online mailboxes and vice versa.
The good news is that when we restore Soft Deleted user\mailbox, in an Office 365 based environment, the object fully restored with all the details and the information that was “bound” to the original object before it deleted.
Testing the ability to restore mailbox permissions
In our scenario, we implement the following mailbox permission’s matrix:
- Bob will have Full Access permissions to Angelina and Brad’s mailboxes.
- Brad will have Full Access permissions to Bob’s
- Angelina will have Full Access permissions to Bob’s
After we restore the Soft delete mailboxes, we will verify if these mailbox permissions were kept or not
In the following screenshot, we can see that we have created two Office 365 users accounts: Angelina and Brad.
We assign Exchange Online license for each of these user accounts, and in the next screenshot, we can see that an Exchange Online mailbox created for each of the user’s account.
The “Office 365 Test user accounts” user’s properties
Before we delete the Office 365 user accounts, let’s briefly review the properties of these users.
In the following screenshots, we can see the following information:
Angelina is a member of the following groups: Human Resources and IT Help Desk
This is the information about Angelina Office 365 user account
Brad is a member of the following groups: Human Resources and IT Help Desk
This is the information about Brad Office 365 user account
The “Test user – Exchange Online mailboxes” properties
As mentioned, we have created the following Exchange Online permission’s matrix:
Bob has Full Access permissions to the Angelina + Brad’s mailbox.
Brad have Full Access permissions on Bob mailbox.
Angelina has Full Access permissions on Bob mailbox.
Phase 2#3 – Simulate the event of User mailbox deletion, by deleting the associated Office 365 user accounts
In the section, we will simulate the event of Exchange Online User mailbox deletion.
We will execute the User mailbox “deletion event,” by deleting the Office 365 user accounts, that consider as the “owner” of the particular Exchange Online User mailboxes.
In our scenario, we select the following Office 365 user accounts: Brad and Angelina.
When we select the delete button, the following warning message appears:
Azure Active Directory, inform us that the Office 365 user not permanently deleted, but instead, will be kept over a period of 30 days (Soft Deleted – saved in the Azure Active Directory recycle bin).
- Click on the Close button
In the following screenshot, we can see that the Office 365 users account (Bob and Angelina) are
“relocated” and sent to the Azure Active Directory recycle bin.
Get information about the soft deleted Exchange Online User mailboxes
In the former section, we have started a sequence of events, which lead to the deletion of the Exchange Online User mailbox.
The deleted Exchange User mailboxes, consider as “Soft deleted” mailboxes, and they are stored in the Exchange Online recycle bin store.
Exchange Online environment, offer us two options for viewing the “content” of the Exchange Online recycle bin.
Option 1 – using PowerShell
To be able to view the content of the Exchange Online recycle bin, we can use the following PowerShell command:
In the following screenshot, we can see the result.
The Exchange Online recycle bin contains the Bob and Angelina mailboxes.
Note – the ability to view the content of the Exchange Online recycle bin, is based preliminary step, in which we need to connect Exchange Online using remote PowerShell. In case that you need instructions regarding the operation of – creating remote PowerShell session to Exchange Online, you can read the article – Connect to Exchange Online using PowerShell
Option 2 – using the Exchange Online admin center
The another option that we can use for viewing the content of the Exchange recycle bin is – by using the “Deleted mailboxes” menu in the Exchange Online admin center.
To be able to view the list of Soft Deleted mailboxes, use the following steps:
- Login to Exchange Online admin page
- On the left menu bar, select the menu – recipients
- On the top menu bar, select the menu – mailboxes
- Click on the three dots icon
- Select the menu – Deleted mailboxes
In the following screenshot, we can see the “graphical presentation” of the Soft Deleted mailboxes (the content of the Exchange Online recycle bin).
Notice that the interface includes a menu option named- Recover.
I strongly recommend not using this “recover menu” option because – the results can be unpredictable.
In the next article, we will continue to process of restoring Angelina Soft Deleted Exchange Online mailbox by restoring Angelina Office 365 user account.
The next article in the current article series
It is important for us to know your opinion on this article