Problem restoring deleted user with mggraph

Question

Hello,I have done a few 365 migration and almost everytime there are some user data that has been missed in the migration.&nbsp;Earlier I solved this by restoring the 365 user in the source tenant to another domain using this msol script in powershell:Restore-MsolUser -UserPrincipalName email address removed for privacy reasons -VerboseRestore-MsolUser -UserPrincipalName email address removed for privacy reasons -Verbose -AutoReconcileProxyConflictsRestore-MsolUser -UserPrincipalName email address removed for privacy reasons -Verbose -AutoReconcileProxyConflicts -NewUserPrincipalName email address removed for privacy reasonsI know it is not perfect but it worked well and saved a bunch of times.&nbsp;I have now done another migration now and got the same issue so I need to restore the users so we can access the data again and move it. BUT!I realized today that msol service is no more, so I am kinda stuck with figuring this out in mggraph.&nbsp;I have tried for a few hours now and I am not sure if this even possible with mggraph.&nbsp;Whenever I try to build a script using Restore-MgDirectoryDeletedUser/Item which google, copilote etc tells me to use I only get this error:The term 'Restore-MgDirectoryDeletedUser/item' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the&nbsp;name, or if a path was included, verify that the path is correct and try again.Or I get that it "works" but that the proxy/domain conflicts:Errors detected while trying to restore the user restoreUserErrors: ErrorValue:&lt;pii&gt;&lt;pii&gt;E*****.E*******&lt;/pii&gt;@domain.com&lt;/pii&gt; ObjectType:&nbsp;ConflictingObjectId:, ErrorType:UserPrincipalName, ErrorId:InvalidDomainErrorValue:&lt;pii&gt;smtp:&lt;pii&gt;ee&lt;/pii&gt;@domain.com&lt;/pii&gt; ObjectType: ConflictingObjectId:, ErrorType:ProxyAddress,&nbsp;ErrorId:InvalidDomainStatus: 400 (BadRequest)ErrorCode: Request_BadRequestDate: 2025-09-08T13:49:36Since I do not have the first domain in the source tenant anymore I need to restore the user to a different domain.Does anyone have any idea on how I can recreate the msol version to mggraph? I feel like I have tried everything to my knowledge now so hopefully anyone here can give me help or tips.&nbsp;Thanks!/Adam

lainrobertson · Answer

Hi Adamneedshelpwithpowershell​,&nbsp;Use the Restore-MgDirectoryDeletedItem commandlet (from the Microsoft.Graph.Identity.DirectoryManagement module) in conjunction with the autoReconcileProxyConflict header:&nbsp;Restore-MgDirectoryDeletedItem (Microsoft.Graph.Identity.DirectoryManagement) | Microsoft LearnRestore deleted directory object item - Microsoft Graph v1.0 | Microsoft Learn&nbsp;Cheers,Lain

adamneedshelpwithpowershell · Answer

Hi,Thanks for the response, I looked at this yesterday and tried it aswell.&nbsp;I think this should work, but it complains about the BodyParameter:Restore-MgDirectoryDeletedItem : A parameter cannot be found that matches parameter name 'BodyParameter'.&nbsp;&nbsp;So most likely I am using this wrong in some way, I tried doing these two ways:Import-Module Microsoft.Graph.Identity.DirectoryManagement&nbsp;$params = @{autoReconcileProxyConflict = $true}&nbsp;Restore-MgDirectoryDeletedItem -DirectoryObjectId e0995e5e-13d8-40eb-a29e-9d********733 -BodyParameter $params&nbsp;Ex2:Import-Module Microsoft.Graph.Identity.DirectoryManagement&nbsp;$params = @{newUserPrincipalName = "E********.E*******@newdomain.onmicrosoft.com"}&nbsp;Restore-MgDirectoryDeletedItem -DirectoryObjectId e0995e5e-13d8-40eb-a29e-9***********3 -BodyParameter $paramsStill get the same error with body parameter./Adam

adamneedshelpwithpowershell · Answer

Hi, thanks for the response.&nbsp;I saw this yesterday aswell and I agree that it should work, but I get this error when I try to run it:Restore-MgDirectoryDeletedItem : A parameter cannot be found that matches parameter name 'BodyParameter'.I have tried both these variants:&nbsp;C:\WINDOWS\system32&gt; Import-Module Microsoft.Graph.Identity.DirectoryManagement&gt;&gt;&gt;&gt; $params = @{&gt;&gt; &nbsp; &nbsp; autoReconcileProxyConflict = $true&gt;&gt; }&gt;&gt;&gt;&gt; Restore-MgDirectoryDeletedItem -DirectoryObjectId e0995e5e-13d8-40eb-a29e-9***********733 -BodyParameter $params&nbsp;&nbsp;&nbsp;Ex2&nbsp;C:\WINDOWS\system32&gt; Import-Module Microsoft.Graph.Identity.DirectoryManagement&gt;&gt;&gt;&gt; $params = @{&gt;&gt; &nbsp; &nbsp; newUserPrincipalName = "E*********.E*********@newdomain.onmicrosoft.com"&gt;&gt; }&gt;&gt;&gt;&gt; Restore-MgDirectoryDeletedItem -DirectoryObjectId e0995e5e-13d8-40eb-a29e-9**********33 -BodyParameter $params&nbsp;&nbsp;Both gives the same error for the BodyParameter, so most likely I am using this wrong somehow.&nbsp;/Adam

lainrobertson · Answer

Hi Adamneedshelpwithpowershell​,&nbsp;It's not your fault. The example within the Microsoft documentation is incorrect.&nbsp;Where the example lists the "-BodyParameter" parameter, it should have instead used the "-Headers" parameter. Quality assurance for the loss.&nbsp;To provide some tangible evidence, the following screenshot shows the list of parameters for the 2.30.0 version of Restore-MgDirectoryDeletedItem where you can see there is no such parameter as "BodyParameter", but there is one named "Headers".&nbsp;&nbsp;And here is an end-to-end example demonstrating the autoReconcileProxyConflict header from the documentation.&nbsp;&nbsp;The commands - in order - show:&nbsp;A deleted user;Restoring the user whilst using the autoReconcileProxyConflict header;That the user can now be seen as a normal user once more;Deleted the user, sending it to the recycle bin (a soft delete);Deleted the user from the recycle bin (a hard delete).&nbsp;Footnote: My examples use the beta endpoint commands but there's no difference with the v1.0 commands I referenced in my original reply.&nbsp;Cheers,Lain

Forum Discussion

Problem restoring deleted user with mggraph

4 Replies

Resources