
Get-MgDirectoryDeletedItemAsUser – Retrieve Deleted Users Using Graph PowerShell

The Get-MgDirectoryDeletedItemAsUser cmdlet in Microsoft Graph PowerShell allows administrators to fetch details of deleted user accounts in Microsoft 365 (Azure AD).
When a user is deleted in Microsoft Entra ID, it isn’t permanently removed immediately—it’s retained in a soft-deleted state for up to 30 days. During this retention window, you can view, restore, or permanently delete the user.

This cmdlet helps you list all deleted users or get details of a specific deleted user by passing the -DirectoryObjectId parameter.


Cmdlet Syntax

Get-MgDirectoryDeletedItemAsUser [-DirectoryObjectId <String>] [<CommonParameters>]

Parameters:

  • -DirectoryObjectId – (Optional) Specifies the object ID of a deleted user to retrieve details about that particular account.
  • <CommonParameters> – Supports standard PowerShell parameters like -Verbose, -Debug, etc.

Usage Examples

Below are practical examples of using the Get-MgDirectoryDeletedItemAsUser cmdlet in Microsoft Graph PowerShell.

Example 1: Fetch all deleted users

Get-MgDirectoryDeletedItemAsUser

This command retrieves the list of all deleted users currently residing in the Azure AD recycle bin.

Example 2: Fetch details of a single deleted user

Get-MgDirectoryDeletedItemAsUser -DirectoryObjectId 78db8584-3633-4c8a-ae6e-e144d63e7e12

This command fetches details of a single deleted user based on the provided Directory Object ID.

🔹 Note: The DirectoryObjectId (user ID) is required if you plan to programmatically restore or permanently delete a user using Graph PowerShell.

This ID can only be obtained using the Get-MgDirectoryDeletedItemAsUser cmdlet.


Cmdlet Tips

  • Always ensure you’re connected to Microsoft Graph with the correct permissions before running the cmdlet: Connect-MgGraph -Scopes "User.Read.All", "Directory.Read.All"
  • Deleted items are stored for 30 days before permanent deletion. Once purged, they cannot be recovered.
  • Combine this cmdlet with Restore-MgDirectoryDeletedItem or Remove-MgDirectoryDeletedItem to manage the lifecycle of deleted users.
  • You can use Select-Object to display specific properties:

    Get-MgDirectoryDeletedItemAsUser | Select-Object Id, DisplayName, UserPrincipalName, DeletedDateTime

Use Cases

Here are a few common scenarios where Get-MgDirectoryDeletedItemAsUser proves useful:

  1. Auditing recently deleted accounts
     Helps administrators identify which accounts were deleted recently for compliance or reporting.

  2. Restoring accidental deletions
     If a user was deleted mistakenly, this cmdlet can fetch the DirectoryObjectId, allowing you to restore the user using:

    Restore-MgDirectoryDeletedItem -DirectoryObjectId <DirectoryObjectId>

  3. Permanent removal of deleted users
     For organizations maintaining strict data hygiene, you can use the retrieved DirectoryObjectId to permanently remove users:

    Remove-MgDirectoryDeletedItem -DirectoryObjectId <DirectoryObjectId>

  4. Automated reporting
     Combine this cmdlet with export options to generate reports of all deleted users:

    Get-MgDirectoryDeletedItemAsUser | Export-Csv "DeletedUsers.csv" -NoTypeInformation
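
For the auditing and reporting use cases above, the following added example (not code from the original article) turns deleted-user records into a report of how long each account remains recoverable within the 30-day window. The function name Get-DeletedUserPurgeReport, the -WarnDays threshold and the sample rows are assumptions made for illustration; -All and -Property are Graph SDK list parameters that the syntax section above does not show.

```powershell
# Added example: Get-DeletedUserPurgeReport is a hypothetical helper, not part of Microsoft.Graph.
function Get-DeletedUserPurgeReport {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory, ValueFromPipeline)]
        [object]$User,
        [int]$RetentionDays = 30,               # soft-delete window stated in the article
        [int]$WarnDays = 7,                     # assumption: flag accounts this close to purge
        [datetime]$Now = [datetime]::UtcNow
    )
    process {
        # Edge case: a record without a deletion timestamp cannot be aged, so skip it.
        if (-not $User.DeletedDateTime) {
            Write-Warning "No DeletedDateTime on object $($User.Id); skipped."
            return
        }
        $deleted = ([datetime]$User.DeletedDateTime).ToUniversalTime()
        $purge   = $deleted.AddDays($RetentionDays)
        $left    = [int][math]::Floor(($purge - $Now).TotalDays)
        [pscustomobject]@{
            Id                = $User.Id
            UserPrincipalName = $User.UserPrincipalName
            DeletedUtc        = $deleted
            PurgeAfterUtc     = $purge
            DaysRemaining     = [math]::Max($left, 0)
            Status            = if ($left -lt 0) { 'PastRetention' }
                                elseif ($left -le $WarnDays) { 'PurgeSoon' }
                                else { 'Recoverable' }
        }
    }
}

# Constructed sample rows standing in for Get-MgDirectoryDeletedItemAsUser output.
$now = [datetime]::new(2025, 1, 31, 0, 0, 0, [DateTimeKind]::Utc)
$sample = @(
    [pscustomobject]@{ Id = '00000000-0000-0000-0000-000000000001'
        UserPrincipalName = 'a.example@contoso.com'; DeletedDateTime = '2025-01-03T09:00:00Z' }
    [pscustomobject]@{ Id = '00000000-0000-0000-0000-000000000002'
        UserPrincipalName = 'b.example@contoso.com'; DeletedDateTime = '2025-01-28T15:30:00Z' }
    [pscustomobject]@{ Id = '00000000-0000-0000-0000-000000000003'
        UserPrincipalName = 'c.example@contoso.com'; DeletedDateTime = $null }
)
$sample | Get-DeletedUserPurgeReport -Now $now | Sort-Object DaysRemaining | Format-Table

# Against a live tenant, after Connect-MgGraph with the read scopes from Cmdlet Tips:
# Get-MgDirectoryDeletedItemAsUser -All -Property Id,UserPrincipalName,DeletedDateTime |
#     Get-DeletedUserPurgeReport | Export-Csv "DeletedUsersPurgeReport.csv" -NoTypeInformation
```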

Possible Errors & Solutions

Error: Access Denied. You do not have the required permissions to access this resource.
  • Cause: The signed-in account doesn’t have sufficient permissions.
  • Solution: Ensure you’re connected with User.Read.All and Directory.Read.All scopes using Connect-MgGraph.

Error: Resource not found for the segment 'directoryObjects'.
  • Cause: The specified DirectoryObjectId doesn’t exist or has been permanently deleted.
  • Solution: Verify the ID using Get-MgDirectoryDeletedItemAsUser before attempting to restore or remove the user.

Error: Get-MgDirectoryDeletedItemAsUser : The term is not recognized
  • Cause: The Microsoft Graph module is not installed or imported.
  • Solution: Install and import the module using:

    Install-Module Microsoft.Graph
    Import-Module Microsoft.Graph

Conclusion

The Get-MgDirectoryDeletedItemAsUser cmdlet is essential for administrators who need to monitor, recover, or manage deleted user accounts in Microsoft 365.

It serves as the foundation for subsequent actions like restoring or permanently deleting users—both of which require the User ID retrieved through this cmdlet.

By incorporating it into your PowerShell workflows, you can automate and streamline user lifecycle management while maintaining better control over your directory resources.



© m365corner.com. All Rights Reserved. Design by HTML Codex