Finding and Recovering Deleted Office 365 Data
Configuring Data Archiving
The course is part of these learning paths
Microsoft 365 provides multiple features and services for managing working data as well as for retaining them as needed. It is critical for you as an IT administrator to understand the features available for ensuring that deleted data can be restored and that you can import other data and use Microsoft 365 as an archive.
This course will focus on how to manage archival, deletion, and restoration of content and data within Microsoft 365. By the end of this course, you will know the various options available for that and when to use the Admin Center or PowerShell to restore data and content. We will also discuss some of the important aspects of working with deleted data.
- Identify content for recovery
- Ensure your end-users have the data they need
- Recover data in Microsoft 365
- Archive data in Microsoft 365
This course is intended for people who want to become a Microsoft 365 Certified: Security Administrator Associate.
If you wish to follow along with this course, it is recommended that you have a Microsoft 365 tenant, an account with Global Administrator access, as well as content within SharePoint Online and OneDrive for Business, a few Exchange Online mailboxes, and users in Azure Active Directory.
Once enabled, the user's mailbox becomes their primary mailbox with additional mailboxes called Archive Mailboxes. They are both considered user mailboxes for the user, especially within compliance features that you might decide to use. You can move all mail messages to an archive mailbox using standard retention policies. The Default Exchange Online retention policy, moves any items that are older than two years to those archive mailboxes. It will also move items that are 14 days older from the recoverable items folder to the same folder stored in the archive mailbox.
So, let's go back into our environment and look at how we execute PowerShell, and also use the Compliance Center to enable an archive mailbox. There are two different approaches to enabling the standard archive capabilities for a mailbox. The first one can be found here in the Compliance Center. We can navigate in here and scroll down to the 'Information governance' piece, which is a section within the Compliance Center, and from here we're able to go through to the 'Archive' option, and from the Archive option, what we'll see is a list of the mailboxes will load. And of course, we have to wait for them to load here. So, here we go. We can see it. And you'll see the status of them.
So, let me just zoom in a little bit more here. So, what you'll see is some of these are Enabled, some of these are Disabled. What we can do is, for example, Lidia. I can select Lidia's one, and you can see that the option appears, which is Enable Archive. I can say 'Enable', and at this point, it will then kick off a process in the background. I can refresh, scroll back down to Lidia, and you'll see that Lidia is now Enabled, and it gives me statistics of that specific archiving capability. I can also Disable the archive like so, and of course, notice what happens. It comes back, and says, "Oh, hold on a minute. You can't really do that." That's okay. That's because it's designed to stop you from disabling it, as soon as you've Enabled it. Because the enabling process, though it says it's complete, If I just refresh here, scroll back down to Lidia, it's still Enabled, even though I clicked Disable, because it's a long-running process that takes place.
So, that's the first option is to use the Compliance Center. The second one is to go back into a PowerShell environment and utilize standard commands. So, back in here. So, the first thing I'm going to do inside the PowerShell is just retrieve a mailbox again. So, I'll say Get-Mailbox. This will give me the list of all the mailboxes, and we'll pick, let's say, MeganB's account. I'll just clean the screen a bit here. And what we can do is we can go through and execute the same PowerShell that we did before, which was the Enable-Mailbox. We've got the Identity, we're going to pass in the name, and then the property is going to be Archive, and I can press enter here.
Now, of course, it also comes back and says, "Whether or not they are Enabled as default." So, if I can't enable it, I can actually go back here, and say Disable-Mailbox, and then do it this way. Then of course it will come back and say, "If you disable, this is what's going to happen. It will be removed and get marked." I'm going to say 'Yes'. If I now go back to enabling and try to execute that, this time it's going to come back and add it back in again.
Liam Cleary is a Microsoft MVP and Microsoft Certified Trainer focused on Microsoft 365 and Azure. He's been working with Microsoft Cloud and Azure technologies since their creation and focuses heavily on deployments, management, and the security of Microsoft 365 and Azure. He also holds multiple certifications for both Microsoft 365 and Azure.