B2B Guest User deletion in Azure and SharePoint:
Source Tenant: @hostexo.com
Destination tenant: @support365.ml
UMA@hostexo.com was invited to Support365.ml as a guest user. For this exercise we would like to check whether deleting UMA@hostexo.com from the source Azure AD deletes it from the destination support365.ml.
UMA@hostexo.com is deleted from the source and is in deleted users.
From the screenshot below, we see that UMA@hostexo.com is still present in the destination and it still exists as a guest user (Time interval 15 mins).
We will now remove the user UMA@hostexo.com from the recycle bin in the source tenant.
From the screenshot below, we see that the user is now permanently deleted from the source.
Although the user UMA@hostexo.com was deleted from the source, it is still present in the destination as a guest user (Time interval 15 mins).
Since the user’s source for authentication is an external Azure AD, the user will not be able to sign in to the destination tenant; however, we end up with a lot of orphaned accounts in the process. We will need to run a cleanup job in each destination tenant to remove these orphaned accounts.
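One way to build the candidate list for such a cleanup job, as an added example that is not part of the original write-up. It assumes the destination tenant cannot see the deletion in the source tenant, so "no sign-in for 90 days" stands in for "orphaned"; the function name `Get-StaleGuestCandidate`, the threshold and the sample records are constructed for illustration.

```powershell
# Added example. Assumption: a guest with no sign-in for $StaleDays days is treated
# as a cleanup candidate, because the destination tenant has no view of the source.
function Get-StaleGuestCandidate {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)] [object[]] $User,
        [int] $StaleDays = 90,
        [datetime] $Now = (Get-Date).ToUniversalTime()
    )
    $cutoff = $Now.AddDays(-$StaleDays)
    foreach ($u in $User) {
        if ($u.UserType -ne 'Guest') { continue }      # never touch member accounts
        $last = $u.SignInActivity.LastSignInDateTime   # $null if the guest never signed in
        # Fall back to the creation date so a fresh, unused invitation is not flagged.
        $reference = if ($last) { [datetime]$last } else { [datetime]$u.CreatedDateTime }
        if ($reference -lt $cutoff) {
            [pscustomobject]@{
                Id                = $u.Id
                UserPrincipalName = $u.UserPrincipalName
                ExternalUserState = $u.ExternalUserState
                LastSignIn        = $last
                Reason            = if ($last) { "no sign-in since $last" } else { 'never signed in' }
            }
        }
    }
}

# Constructed sample records, shaped like Get-MgUser output, so the logic runs offline.
$sample = @(
    [pscustomobject]@{ Id = 'guest-1'; UserPrincipalName = 'uma_hostexo.com#EXT#@support365.ml'
        UserType = 'Guest'; ExternalUserState = 'Accepted'; CreatedDateTime = [datetime]'2023-01-05'
        SignInActivity = [pscustomobject]@{ LastSignInDateTime = [datetime]'2023-02-01' } }
    [pscustomobject]@{ Id = 'guest-2'; UserPrincipalName = 'new_hostexo.com#EXT#@support365.ml'
        UserType = 'Guest'; ExternalUserState = 'PendingAcceptance'; CreatedDateTime = [datetime]'2024-05-20'
        SignInActivity = $null }
    [pscustomobject]@{ Id = 'member-1'; UserPrincipalName = 'admin@support365.ml'
        UserType = 'Member'; ExternalUserState = $null; CreatedDateTime = [datetime]'2020-01-01'
        SignInActivity = $null }
)
# Only guest-1 is reported: guest-2 is a recent invitation, member-1 is not a guest.
Get-StaleGuestCandidate -User $sample -Now ([datetime]'2024-06-01') | Format-Table

# Against a live tenant (Microsoft Graph PowerShell; signInActivity needs AuditLog.Read.All):
# Connect-MgGraph -Scopes 'User.Read.All','AuditLog.Read.All'
# $guests = Get-MgUser -All -Filter "userType eq 'Guest'" `
#     -Property 'id,userPrincipalName,userType,externalUserState,createdDateTime,signInActivity'
# Get-StaleGuestCandidate -User $guests | Export-Csv .\stale-guests.csv -NoTypeInformation
# After review, remove each confirmed account with: Remove-MgUser -UserId <Id>
```

Review the exported list before removing anything, since a guest who is simply inactive looks the same as one whose source account is gone.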
This user was given access to a SharePoint Site in the destination tenant https://muasar.sharepoint.com/
We will check to see if removing the guest user from Azure AD in the destination removes it from the SPO site https://muasar.sharepoint.com/
By checking the “userdisp” page we see that the user is present in SharePoint: https://muasar.sharepoint.com/_layouts/15/userdisp.aspx?id=28&force=true
I deleted the guest user from the destination Azure Active Directory.
The user still exists in the SharePoint site and has permissions.
Even after permanently deleting the user from the recycle bin, the user object still exists in SharePoint Online. More orphaned user objects.