What are Guest Users in Office 365?
Guest users are individuals outside your organization who can access specific Office 365 services. Typically, they won’t be an employee, contractor, or other full-time members of your organization. Still, they need access to Office 365 resources such as email, SharePoint documents, Microsoft Teams, and calendars. When you add guest users to Office 365, they’ll have the same access and permissions as regular members.
There are several reasons why you may need to delete a guest user in Office 365. Perhaps the guest user is no longer working on a project with your organization or has completed their work. Alternatively, you may need to delete a guest user due to security concerns or changes in your organization’s policies.
Delete a guest user in Office 365
Guest users are commonly used to collaborate with external parties, such as contractors, vendors, and customers. However, there may come a time when you have to delete a guest user from Office 365. This article will discuss how to delete a guest user in Office 365. Please note, You must have a Global administrator or User administrator role to delete users in your organization.
In this article
Steps to Delete a Guest User in Office 365 Admin Center
Deleting a guest user in Office 365 through Microsoft 365 Admin center is a straightforward process. Follow these steps to delete a guest user in Office 365:
- Sign in to the Microsoft 365 admin center at https://admin.microsoft.com/, using an account with admin permissions.
- In the admin center, click on the Users tab >> Click on “Guest Users”. You will get a complete list of all registered guest users in your tenant.
- Click on the guest user account that you want to delete.
- Click on the “Delete a user” button.
- Confirm that you wish to delete the guest user by clicking “Delete User” in the confirmation panel.
Once the guest user has been deleted, they will no longer be able to access any services or resources in your Office 365 tenant. Deleted users will be listed under “Deleted users” in the “Users” tab in the left navigation. If you want to permanently delete the guest user, remove them from deleted users as well!
Remove a Guest user using Azure AD Portal
Let’s see how to delete a guest user from the Azure AD portal. Follow these steps to delete a guest user from the Azure AD portal:
- Log in to the Azure portal using an account with admin permissions at https://aad.portal.azure.com/.
- In the Azure portal, click on Azure Active Directory from the left-hand menu.
- Click on the Users tab.
- In the Users tab, search and select the guest user account you want to delete >> click on the Delete button in the top toolbar.
- Confirm that you want to delete the guest user by clicking on Yes.
Once the guest user has been deleted, they will no longer be able to access any resources in your organization.
To permanently delete a user, remove them from “Deleted Users” as well!
When you delete any user account from Office 365 in any of the methods: Admin Center, Azure AD, or PowerShell, They will be placed in a recycle bin for 30 days, so they can be easily recovered if the deletion was not intended. If you want to permanently removes the user from Office 365, You have to delete them from “Deleted Users” as well!
Delete a guest user in Office 365 – Azure AD using PowerShell
Deleting a guest user in Office 365 can also be done using PowerShell, which can be more efficient when dealing with multiple guest user accounts. Let’s see the process for deleting a guest user in Office 365 using PowerShell.
If you need to delete a guest user in Office 365 using PowerShell, you can use the Remove-AzureADUser command. This command is used to delete a user from Azure Active Directory, which will also remove the user’s access to Office 365 services. Guest users have a User Principal Name format of username_domain#EXTfirstname.lastname@example.org, E.g., Salaudeen_gmail.com#EXT#@Crescent.com
Here are the steps to delete a guest user in Office 365 using PowerShell:
Step 1: Connect to Azure AD from PowerShell
Enter your admin credentials when prompted.
Step 2: Get the Guest User’s UPN/Object ID
Once you’re connected, run the following command to get a list of all the guest user accounts in your Office 365 tenant:
Get-AzureADUser -Filter "userType eq 'Guest'" -All:$true
Locate the guest user account you want to delete and copy the ObjectID value for the user. Run the following command to delete the guest user account:
Step 3: Remove the Guest Users
Remove-AzureADUser -ObjectId <ObjectID or UPN of the Guest user>
Replace with the ObjectID value for the user you wish to delete. We can also pass the UPN to the Object ID parameter. E.g.,
$UPN = "salaudeen_gmail.com#EXTemail@example.com" #Delete the Guest User Remove-AzureADUser -ObjectId $UPN
Execute the script, and that’s it! You have now deleted a guest user in Office 365 using PowerShell Remove-AzureADUser. Using PowerShell to delete a guest user in Office 365 can be more efficient than using the web-based interface, especially when dealing with multiple guest user accounts. However, the above cmdlets only soft-delete the user account and can be restored in 30 days if needed. To permanently delete the guest user account, use the following:
#Object ID of the deleted Guest user $ObjectID = "2f0ae862-45b3-49ef-920a-0a740d64f053" #Permanently remove the deleted user Remove-AzureADMSDeletedDirectoryObject -Id $ObjectID
You can obtain the Object ID from AAD logs and filter for “Delete User”.
Best Practices for Deleting a Guest User in Office 365
Here are some best practices to follow when deleting a guest user in Office 365:
- Check for dependencies: Before deleting a guest user, ensure they are not associated with any active projects or files.
- Inform the guest user: If possible, inform them their account will be deleted and provide any necessary information to help them transition.
- Review security: As part of your regular security review, periodically review and delete any guest user accounts that are no longer needed.
- Keep a record: Keep a record of guest user accounts that have been deleted for auditing and compliance purposes.
- Suppose you are deleting through PowerShell, Double-check that you have the correct ObjectID value for the guest user account you want to delete.
In conclusion, deleting a guest user in Office 365 is a simple and necessary task that can help improve the security and efficiency of your organization. Following the steps and best practices outlined in this article, you can easily delete guest user accounts and ensure that your organization’s resources are properly secured. Deleting a guest user from the Azure AD portal is also a simple task. PowerShell can be used to manage various tasks in Office 365, including deleting guest user accounts, you can use the Remove-AzureADUser command to quickly and efficiently delete guest user accounts in your Office 365 tenant.
Please note, when you delete a guest user, it will also delete all the associated data, such as email, files, and calendar. So, It is best practice to remove the user from all the groups, shared resources, and licenses before deleting the guest user account.