New-ComplianceSearchAction -SearchName "GDPR Fuckups" -Purge
Are you sure you want to perform this action?
This operation will make message items meeting the criteria of the compliance search “Remove Vetting messages” completely inaccessible to users. There is no automatic method to undo the removal of these message items.
[Y] Yes [A] Yes to All [N] No [L] No to All [?] Help (default is “Y”): A
When few days ago I tried to perform a message removal from some mailboxes, I used the New-CompliancesearchAction cmdlet with ONLY the “-Purge” switch, unfortunately (for the cmdlet :D) I decided to check whether the messages were really removed, to my surprise… messages were still sitting in “Deletions” folder – so user could still recover them using “Recover Deleted Items” functionality.
To remove the messages completely I leveraged classic approach with Search-Mailbox cmdlet along with “-DeleteContent” switch agains these few mailboxes reported by New-ComplianceSearch – this moved the messages to the “Purges” folder, so the user is not able to restore it – only a person from litigation depeartment / superadmin having special permissions on Exchange.
New-ComplianceSearch likes to return errors for some mailboxes (just few, but still) so always check the reports from this cmdlet (simply by Get-ComplianceSearch | fl). The top of the report will contain mailboxes with particular email – they will be sorted in descending way, but take a look on the bottom of the report – it may contain information that some maiboxes coudln’t be searched through – for me it was random mailboxes per each search. Remember to include these mailboxes in your “Seach-Mailbox -DeleteContent” task as well.
Microsoft documentation has been updated