How to Delete Guest users in Office 365?

What are Guest Users in Office 365?

Guest users are individuals outside your organization who can access specific Office 365 services. Typically, they won’t be an employee, contractor, or other full-time members of your organization. Still, they need access to Office 365 resources such as email, SharePoint documents, Microsoft Teams, and calendars. When you add guest users to Office 365, they’ll have the same access and permissions as regular members.

There are several reasons why you may need to delete a guest user in Office 365. Perhaps the guest user is no longer working on a project with your organization or has completed their work. Alternatively, you may need to delete a guest user due to security concerns or changes in your organization’s policies.

Delete a guest user in Office 365

Guest users are commonly used to collaborate with external parties, such as contractors, vendors, and customers. However, there may come a time when you have to delete a guest user from Office 365. This article will discuss how to delete a guest user in Office 365. Please note, You must have a Global administrator or User administrator role to delete users in your organization.

Steps to Delete a Guest User in Office 365 Admin Center

Deleting a guest user in Office 365 through Microsoft 365 Admin center is a straightforward process. Follow these steps to delete a guest user in Office 365:

  1. Sign in to the Microsoft 365 admin center at https://admin.microsoft.com/, using an account with admin permissions.
  2. In the admin center, click on the Users tab >> Click on “Guest Users”. You will get a complete list of all registered guest users in your tenant.
  3. Click on the guest user account that you want to delete.
  4. Click on the “Delete a user” button.
    delete guest user office 365
  5. Confirm that you wish to delete the guest user by clicking “Delete User” in the confirmation panel.

Once the guest user has been deleted, they will no longer be able to access any services or resources in your Office 365 tenant. Deleted users will be listed under “Deleted users” in the “Users” tab in the left navigation. If you want to permanently delete the guest user, remove them from deleted users as well!

Remove a Guest user using Azure AD Portal

Let’s see how to delete a guest user from the Azure AD portal. Follow these steps to delete a guest user from the Azure AD portal:

  1. Log in to the Azure portal using an account with admin permissions at https://aad.portal.azure.com/.
  2. In the Azure portal, click on Azure Active Directory from the left-hand menu.
  3. Click on the Users tab.
  4. In the Users tab, search and select the guest user account you want to delete >> click on the Delete button in the top toolbar.
    how to delete guest users in office 365
  5. Confirm that you want to delete the guest user by clicking on Yes.

Once the guest user has been deleted, they will no longer be able to access any resources in your organization.

To permanently delete a user, remove them from “Deleted Users” as well!

Permanently delete guest user in Office 365
When you delete any user account from Office 365 in any of the methods: Admin Center, Azure AD, or PowerShell, They will be placed in a recycle bin for 30 days, so they can be easily recovered if the deletion was not intended. If you want to permanently removes the user from Office 365, You have to delete them from “Deleted Users” as well!

Delete a guest user in Office 365 – Azure AD using PowerShell

Deleting a guest user in Office 365 can also be done using PowerShell, which can be more efficient when dealing with multiple guest user accounts. Let’s see the process for deleting a guest user in Office 365 using PowerShell.

If you need to delete a guest user in Office 365 using PowerShell, you can use the Remove-AzureADUser command. This command is used to delete a user from Azure Active Directory, which will also remove the user’s access to Office 365 services. Guest users have a User Principal Name format of username_domain#EXT#@tenant.com, E.g., Salaudeen_gmail.com#EXT#@Crescent.com

Here are the steps to delete a guest user in Office 365 using PowerShell:

Step 1: Connect to Azure AD from PowerShell

Connect-AzureAD

Enter your admin credentials when prompted.

Step 2: Get the Guest User’s UPN/Object ID

Once you’re connected, run the following command to get a list of all the guest user accounts in your Office 365 tenant:

Get-AzureADUser -Filter "userType eq 'Guest'" -All:$true

Locate the guest user account you want to delete and copy the ObjectID value for the user. Run the following command to delete the guest user account:

Step 3: Remove the Guest Users

Remove-AzureADUser -ObjectId <ObjectID or UPN of the Guest user>

Replace with the ObjectID value for the user you wish to delete. We can also pass the UPN to the Object ID parameter. E.g.,

$UPN = "salaudeen_gmail.com#EXT#@crescent.com"

#Delete the Guest User
Remove-AzureADUser -ObjectId $UPN

Execute the script, and that’s it! You have now deleted a guest user in Office 365 using PowerShell Remove-AzureADUser. Using PowerShell to delete a guest user in Office 365 can be more efficient than using the web-based interface, especially when dealing with multiple guest user accounts. However, the above cmdlets only soft-delete the user account and can be restored in 30 days if needed. To permanently delete the guest user account, use the following:

#Object ID of the deleted Guest user
$ObjectID = "2f0ae862-45b3-49ef-920a-0a740d64f053"

#Permanently remove the deleted user
Remove-AzureADMSDeletedDirectoryObject -Id $ObjectID

You can obtain the Object ID from AAD logs and filter for “Delete User”.

Best Practices for Deleting a Guest User in Office 365

Here are some best practices to follow when deleting a guest user in Office 365:

  1. Check for dependencies: Before deleting a guest user, ensure they are not associated with any active projects or files.
  2. Inform the guest user: If possible, inform them their account will be deleted and provide any necessary information to help them transition.
  3. Review security: As part of your regular security review, periodically review and delete any guest user accounts that are no longer needed.
  4. Keep a record: Keep a record of guest user accounts that have been deleted for auditing and compliance purposes.
  5. Suppose you are deleting through PowerShell, Double-check that you have the correct ObjectID value for the guest user account you want to delete.

Conclusion

In conclusion, deleting a guest user in Office 365 is a simple and necessary task that can help improve the security and efficiency of your organization. Following the steps and best practices outlined in this article, you can easily delete guest user accounts and ensure that your organization’s resources are properly secured. Deleting a guest user from the Azure AD portal is also a simple task. PowerShell can be used to manage various tasks in Office 365, including deleting guest user accounts, you can use the Remove-AzureADUser command to quickly and efficiently delete guest user accounts in your Office 365 tenant.

Please note, when you delete a guest user, it will also delete all the associated data, such as email, files, and calendar. So, It is best practice to remove the user from all the groups, shared resources, and licenses before deleting the guest user account.

Salaudeen Rajack

Salaudeen Rajack - Information Technology Expert with Two-decades of hands-on experience, specializing in SharePoint, PowerShell, Microsoft 365, and related products. He has held various positions including SharePoint Architect, Administrator, Developer and consultant, has helped many organizations to implement and optimize SharePoint solutions. Known for his deep technical expertise, He's passionate about sharing the knowledge and insights to help others, through the real-world articles!

Leave a Reply

Your email address will not be published. Required fields are marked *