Merge pull request #218329 from v-edmckillop/patch-16

prmerger-automator[bot] · web-flow · commit 800b89a97c73 · 2022-11-15T17:36:24.000Z
Update recover-from-deletions.md
diff --git a/articles/active-directory/fundamentals/recover-from-deletions.md b/articles/active-directory/fundamentals/recover-from-deletions.md
@@ -8,7 +8,7 @@ ms.service: active-directory
 ms.workload: identity
 ms.subservice: fundamentals
 ms.topic: conceptual
-ms.date: 08/26/2022
+ms.date: 11/14/2022
 ms.author: jricketts
 ms.reviewer: jricketts
 ms.custom: "it-pro, seodec18"
@@ -89,19 +89,25 @@ The most frequent scenarios for application deletion are:
 * An administrator intentionally deletes the application, for example, in response to a support request.
 * An automation script in Microsoft Graph or PowerShell triggers the deletion. For example, you might want a process for deleting abandoned applications that are no longer used or managed. In general, create an offboarding process for applications rather than scripting to avoid unintentional deletions.
 
-### Properties maintained with soft delete
+When you delete an application, the application registration by default enters the soft-delete state. To understand the relationship between application registrations and service principals, see [Apps and service principals in Azure AD - Microsoft identity platform](../develop/app-objects-and-service-principals.md).
 
-| Object type| Important properties maintained |
-| - | - |
-| Users (including external users)| *All properties are maintained*, including ObjectID, group memberships, roles, licenses, and application assignments. |
-| Microsoft 365 Groups| *All properties are maintained*, including ObjectID, group memberships, licenses, and application assignments. |
-| Application registration| *All properties are maintained.* (See more information after this table.) |
+### Administrative units
 
-When you delete an application, the application registration by default enters the soft-delete state. To understand the relationship between application registrations and service principals, see [Apps and service principals in Azure AD - Microsoft identity platform](../develop/app-objects-and-service-principals.md).
+The most common scenario for deletions is when administrative units (AU) are deleted by accident, although still needed. 
 
 ## Recover from soft deletion
 
-You can restore soft-deleted items in the Azure portal or with Microsoft Graph.
+You can restore soft-deleted items in the administrative portal, or by using Microsoft Graph. Not all object classes can manage soft-delete capabilities in the portal, some are only listed, viewed, hard deleted, or restored using the deletedItems Microsoft Graph API.
+
+### Properties maintained with soft delete
+
+|Object type|Important properties maintained|
+|---|---|
+|Users (including external users)|All properties maintained, including ObjectID, group memberships, roles, licenses, and application assignments|
+|Microsoft 365 Groups|All properties maintained, including ObjectID, group memberships, licenses, and application assignments|
+|Application registration | All properties maintained. See more information after this table.|
+|Service principal|All properties maintained|
+|Administrative unit (AU)|All properties maintained|
 
 ### Users
 
@@ -125,15 +131,19 @@ For more information on how to restore soft-deleted Microsoft 365 Groups, see th
 * To restore from the Azure portal, see [Restore a deleted Microsoft 365 Group](../enterprise-users/groups-restore-deleted.md).
 * To restore by using Microsoft Graph, see [Restore deleted item – Microsoft Graph v1.0](/graph/api/directory-deleteditems-restore?tabs=http).
 
-### Applications
+### Applications and service principals
 
 Applications have two objects: the application registration and the service principal. For more information on the differences between the registration and the service principal, see [Apps and service principals in Azure AD](../develop/app-objects-and-service-principals.md).
 
 To restore an application from the Azure portal, select **App registrations** > **Deleted applications**. Select the application registration to restore, and then select **Restore app registration**.
 
 [![Screenshot that shows the app registration restore process in the azure portal.](./media/recoverability/deletion-restore-application.png)](./media/recoverability/deletion-restore-application.png#lightbox)
 
-To restore applications using Microsoft Graph, see [Restore deleted item - Microsoft Graph v1.0.](/graph/api/directory-deleteditems-restore?tabs=http)
+Currently, service principals can be listed, viewed, hard deleted, or restored via the deletedItems Microsoft Graph API. To restore applications using Microsoft Graph, see [Restore deleted item - Microsoft Graph v1.0.](/graph/api/directory-deleteditems-restore?tabs=http).
+
+### Administrative units
+
+AUs can be listed, viewed, hard deleted, or restored via the deletedItems Microsoft Graph API. To restore AUs using Microsoft Graph, see [Restore deleted item - Microsoft Graph v1.0.](/graph/api/directory-deleteditems-restore?tabs=http).
 
 ## Hard deletions
 
@@ -150,7 +160,7 @@ A hard deletion is the permanent removal of an object from your Azure AD tenant.
 
 ### When hard deletes usually occur
 
-Hard deletes most often occur in the following circumstances.
+Hard deletes might occur in the following circumstances.
 
 Moving from soft to hard delete:
 
