Reputation: 4733
Purging deleted external user from AzureAD / Office 365 fails with UserNotFoundException
I am trying to purge a deleted user from Office 365 / AzureAD. The way to do this seems to be Remove-MsolUser with the -RemoveFromRecycleBin flag.
I can retrieve the user with
Get-MsolUser -All -ReturnDeletedUsers | ? {$_.userPrincipalName -eq $USERNAME}
When I try to remove it with
Remove-MsolUser -UserPrincipalName $USERNAME -RemoveFromRecycleBin
I get
Remove-MsolUser : User Not Found in the Microsoft Online directory Deleted Users container. User:
xxxxxx#EXT#@yyyyyyyyy.
In Zeile:1 Zeichen:1
+ Remove-MsolUser -UserPrincipalName $USERNAME -RemoveFromRecycleBin
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : OperationStopped: (:) [Remove-MsolUser], MicrosoftOnlineException
+ FullyQualifiedErrorId : Microsoft.Online.Administration.Automation.UserNotFoundException,Microsoft.Online.Admini
stration.Automation.RemoveUser
This problem occurs if the user who is performing the action is not a global admin.
However my using is global admin.
Upvotes: 1
Views: 1481
Answers (2)
Reputation: 61068
In this case it would be better to pipe the output of Get-MsolUser -All -ReturnDeletedUsers | ? {$_.userPrincipalName -eq $USERNAME} directly to the Remove-MsolUser.
That way, the ObjectID property is used instead of the UserPrincipalName which looks to have been changed (#EXT#) once added to the Recycle bin.
The ObjectID (a guid) however is not changed and uniquely identifies the user object.
Try:
Get-MsolUser -All -ReturnDeletedUsers | ? {$_.userPrincipalName -eq $USERNAME} |
Remove-MsolUser -RemoveFromRecycleBin
Or:
$exUser = Get-MsolUser -All -ReturnDeletedUsers | ? {$_.userPrincipalName -eq $USERNAME}
Remove-MsolUser -ObjectId $exUser.ObjectID -RemoveFromRecycleBin
Upvotes: 3
Reputation: 16438
If you have to use the older MSOnline V1 PowerShell module for Azure Active Directory, you need to delete the guest user from the recycle bin with setting the username as the real email address of the guest user.
For example, if the guest user is [email protected]. It will be listed as aaa_outlook.com#EXT#@***.onmicrosoft.com with Get-MsolUser. But you need set $USERNAME = "[email protected]" instead of "aaa_outlook.com#EXT#@***.onmicrosoft.com".
Then you will be able to delete it from the recycle bin.
Upvotes: 1
Related Questions
- Azure - get deleted users - Using Get-AzureADUser
- Powershell azure ad: delete user from recycle bin
- Azure Devops remove specific user from specific organization using Powershell
- Removing multiple licences from a user using powershell
- Azure AD User Deletion and triggers
- Azure Active Directory: "user administrator" can not delete users if assigned to administrative unit
- Remove-AzureAdUserExtension actual result
- What API Permissions are needed for Remove-AzureADUser?
- Not able to delete user synced from Windows server using Azure AD Connect
- How to remove Guest user on Azure Active Directory?