Check if users are in Entra ID Recycle Bin

Question

Check if users are in Entra ID Recycle Bin

mark terry 185

Hi Folks!

I have a script which I am using today to check to see what users are in the Entra ID Recycle Bin and those who are no longer in the Recycle Bin. The script uses the Get-MsolUser -ReturnDeletedUsers command (which is being discontinued). It looks like I will have to start moving to using the Get-MgUser (MS Graph) command, but it looks like there is no -ReturnDeletedUsers switch for Get-MgUser.

The script I currently use is below.

The input file just has the userprincipalname as the header, followed by the users

userprincipalname

******@test.com

******@test.conm

Can someone please help with re-tooling my script so that it works with MS Graph?

Thanks in advance!

# CHECK IF USERS ARE IN THE ENTRA ID RECYCLE BIN AND CREATE RELEVANT FILES

$CSVFile = "D:\Temp\Master-Input-File.csv"
$Users = Import-Csv -Path $CSVFile

Write-Host "Checking if users are in the Entra ID Recycle Bin" -ForegroundColor Green
Write-Host
ForEach ($User in $Users)
{
    If(Get-MsolUser -UserPrincipalName $User.userprincipalname -ReturnDeletedUsers -ErrorAction SilentlyContinue)
    {
        Write-host "$($User.UserPrincipalName) is in the Entra ID Recycle Bin"
        $User.UserPrincipalName | 
        Out-File D:\Temp\Users-in-Recycle-Bin.csv -Append            
    }
    Else
    {
        Write-host "$($User.UserPrincipalName) is not in the Entra ID Recycle Bin" -f Yellow
        $User.UserPrincipalName | 
        Out-File D:\Temp\Users-Not-In-Recycle-Bin.csv -Append
        
    }
}

1 answer

Your answer

Answer 1

Harpreet Singh Matharoo 8,416 Microsoft Employee Moderator

Hello @mark terry ,

Thank you for your reaching out to Microsoft QnA Platform. I guess you should be able to replace "Get-MsolUser -ReturnDeletedUsers" with "Get-MgDirectoryDeletedItem -Filter "userPrincipalName eq '$($User.userprincipalname)'".

Get-MgDirectoryDeletedItem - Retrieves the properties of a recently deleted application, group, servicePrincipal, administrative unit, or user object from deleted items.
More information on this command can be found on following article: https://learn.microsoft.com/en-us/powershell/module/microsoft.graph.identity.directorymanagement/get-mgdirectorydeleteditem?view=graph-powershell-1.0

Hope this will help. Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

mark terry 185 Reputation points

2025-01-09T21:21:26.2966667+00:00

Hi Harpreet,

I am having trouble with the Get-MgDirectoryDeletedItem -Filter "userPrincipalName eq '$($User.userprincipalname)'" command.

If I try to do the command below:

Get-MgDirectoryDeletedItem -Filter "userPrincipalName eq '*****@test.com'"*

I get the following error:

Get-MgDirectoryDeletedItem : Searches against this resource are not supported. Only specific instances can be queried.

Any thoughts on this?

Thanks for your help!

Share via

Check if users are in Entra ID Recycle Bin

1 answer

Your answer