Permanently Delete Office 365 Groups

If you have created teams or channels in Microsoft Teams, you likely know this creates Office 365 groups. Many other Microsoft products in the 365/Azure space create Office 365 groups. This is Microsoft’s new group which allows great flexibility across services.

However, if you have ever decided to delete a Sharepoint site or Microsoft Team, you will find you cannot create another team or site in its place. You will receive an error saying this group still exists.

This is because the group was delete as a ‘soft delete’. Meaning it’s sitting in a recycle bin for a number of days until it’s permanently deleted.

You can speed up this process. The easiest way to do this is to connect via Powershell and run the following commands

  1. Launch Powershell
  2. Run the following command if you don’t have AzureAD installed
Install-Module -Name AzureAD
  1. Connect to AzureAD
Connect-AzureAD
  1. Remove deleted groups
Get-AzureADMSDeletedGroup | Remove-AzureADMSDeletedDirectoryObject

If you don’t feel safe running the above command, just run the Get-AzureADMSDeletedGroup first to see what will be removed.

This will take some time to sync.

Removing an Office 365 Tenancy

There may be a reason you wish to totally remove an Office 365 tenancy. In our case, it was that the company we looked after was sold. They wanted the data removed – and quickly.

It is possible now to totally remove a tenancy following these steps:

  1. Remove any licensing from the Office 365 tenancy
  2. Open Powershell
  3. Connect to Azure AD by typing
    Connect-AzureAD

    If this doesn’t work, you may need to install AzureAD. Do this by typing

    Install-Module -Name AzureAD
  4. Once connected, you need to connect to Active Directory or mosl. To do this type
    Connect-MsolService

    If this does not work, you may need to install msol. Do this by typing

    Install-Module -Name Connect-MsolService
  5. Disable dirsync with the following command, if enabled
    Set-MsolDirSyncEnabled -EnableDirSync $false

    This command will take around 30 minutes for all users to become in cloud users

  6. You now need to remove all users and remove them from the recycle bin. Type
    Get-MsolUser | Remove-MsolUser -Force

    Then after waiting 30 minutes or so, type the following

    Get-MsolUser -ReturnDeletedUsers | Remove-MsolUser -RemoveFromRecycleBin -Force

    This command removes the deleted users from the AD recycle bin

  7. The next script will remove all of the enterprise applications in AD. This needs to be done
    $ObjectIds = (Get-AzureADServicePrincipal).ObjectIdFor ($i=0; $i -lt $ObjectIds.Length; $i++){ Remove-AzureADServicePrincipal -objectid $ObjectIds[$i]}
  8. Once these commands are completed, you can check Azure Active Directory by going to https://aad.portal.azure.com. Select Azure Active Directory and try to delete it. You will get something like the following. In this case, once the licenses have expired (these we removed 12 hours ago) you will be able to delete the tenancy.

For more information check out the following links: