Remove-MgDirectoryDeletedItem

What is Remove-MgDirectoryDeletedItem?

The Remove-MgDirectoryDeletedItem cmdlet in Microsoft Graph PowerShell permanently deletes a previously soft-deleted directory object from Microsoft Entra ID (formerly Azure Active Directory). This object can be a user, group, or application that resides in the directory’s recycle bin. Once deleted using this cmdlet, the object cannot be recovered.


Why Use Remove-MgDirectoryDeletedItem?

Administrators use this cmdlet to permanently clean up soft-deleted directory objects that are no longer needed. Automating this cleanup helps maintain a healthy, clutter-free tenant and ensures compliance with retention and security policies.

Key benefits include:

  • Automating the purge of inactive users or obsolete groups.
  • Ensuring compliance with data lifecycle policies.
  • Preventing restoration of unwanted deleted items.
  • Maintaining directory hygiene and reducing clutter.

Prerequisites

Before running this cmdlet, ensure that the Microsoft Graph module is installed and connected with the appropriate permissions based on the object type you intend to delete.

For users:

Connect-MgGraph -Scopes "User.DeleteRestore.All"

For groups:

Connect-MgGraph -Scopes "Group.ReadWrite.All"

How to Use Remove-MgDirectoryDeletedItem?

The cmdlet requires the DirectoryObjectId parameter, which uniquely identifies the deleted object. You can retrieve this ID using Get-MgDirectoryDeletedItem.

Syntax:

Remove-MgDirectoryDeletedItem -DirectoryObjectId <String>

Remove-MgDirectoryDeletedItem Example

Example: Permanently delete a soft-deleted directory object

Remove-MgDirectoryDeletedItem -DirectoryObjectId ae22d08d-1ef5-4ac0-b36b-376864f6b63a

This command permanently removes the deleted directory object with the specified Object ID from Microsoft Entra ID.
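
Because the purge cannot be undone, it is worth confirming what an Object ID actually refers to before removing it. The following is an added example, not part of the original page or of Microsoft's own code: the function name Remove-VerifiedDeletedItem, its parameters, the audit file path and the sample display name are assumptions made for illustration.

```powershell
# Added example. Function name, parameters and audit path are hypothetical.
function Remove-VerifiedDeletedItem {
    [CmdletBinding(SupportsShouldProcess, ConfirmImpact = 'High')]
    param(
        [Parameter(Mandatory)] [guid] $DirectoryObjectId,
        [Parameter(Mandatory)] [ValidateSet('user', 'group', 'application')]
        [string] $ExpectedType,
        [Parameter(Mandatory)] [string] $ExpectedDisplayName,
        [string] $AuditLog = '.\purge-audit.csv'
    )

    # Look the object up in the recycle bin first; stop if it is not there.
    $item = Get-MgDirectoryDeletedItem -DirectoryObjectId $DirectoryObjectId -ErrorAction Stop

    # The generic directory object carries type and name in AdditionalProperties.
    $type = $item.AdditionalProperties['@odata.type'] -replace '^#microsoft\.graph\.', ''
    $name = $item.AdditionalProperties['displayName']

    if ($type -ne $ExpectedType) {
        throw "Refusing to purge ${DirectoryObjectId}: type is '$type', expected '$ExpectedType'."
    }
    if ($name -ne $ExpectedDisplayName) {
        throw "Refusing to purge ${DirectoryObjectId}: name is '$name', expected '$ExpectedDisplayName'."
    }

    # -WhatIf stops here; otherwise ConfirmImpact 'High' prompts before the purge.
    if ($PSCmdlet.ShouldProcess("$type '$name' ($DirectoryObjectId)", 'Permanently delete')) {
        Remove-MgDirectoryDeletedItem -DirectoryObjectId $DirectoryObjectId -Confirm:$false -ErrorAction Stop
        # Record what was purged, when, and by which signed-in account.
        [pscustomobject]@{
            PurgedAtUtc = (Get-Date).ToUniversalTime().ToString('o')
            ObjectId    = $DirectoryObjectId
            Type        = $type
            DisplayName = $name
            DeletedAt   = $item.DeletedDateTime
            PurgedBy    = (Get-MgContext).Account
        } | Export-Csv -Path $AuditLog -Append -NoTypeInformation
    }
}

# Dry run with a constructed display name: reports the target, deletes nothing.
Remove-VerifiedDeletedItem -DirectoryObjectId 'ae22d08d-1ef5-4ac0-b36b-376864f6b63a' `
    -ExpectedType user -ExpectedDisplayName 'Constructed Sample User' -WhatIf
```

Drop -WhatIf only after the dry run reports the object you intended; the function then prompts for confirmation before calling Remove-MgDirectoryDeletedItem.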


Summary

| Key Point          | Details                                                                     |
|--------------------|-----------------------------------------------------------------------------|
| Cmdlet Name        | Remove-MgDirectoryDeletedItem                                               |
| Purpose            | Permanently deletes soft-deleted directory objects (users, groups, or apps) |
| Required Scope     | User.DeleteRestore.All or Group.ReadWrite.All                               |
| Primary Parameter  | DirectoryObjectId                                                           |
| Automation Benefit | Helps automate cleanup of deleted directory objects                         |
| Use Case           | Ensures tenant hygiene by permanently deleting inactive users or groups     |
