This post discusses the steps which need to be followed to remove an external user from SharePoint Online (Office 365). An external user is one, who’s not a part of your domain (meaning his/her user account won’t be present in your On-Premises Active Directory , which later got synchronized with Azure AD nor would be present on Azure AD alone). To be more elaborative, an external user is someone outside your organization (i.e. domain), who can access your SharePoint Online sites and the documents but does not have a proper license assigned to him to access SharePoint Online or any other Microsoft Office 365 Service. These so called “External users” are not employees, contractors or onsite agents for you or your affiliates.

External users inherit the use rights of the SharePoint Online customer, who is inviting them to collaborate. For example, if an organization purchases an E3/E5 Enterprise plan and builds a site which uses the enterprise features, the external user is granted rights to use and/or view the enterprise features within the site they are invited to. While the external users can be invited as the extended project members to perform a full range of actions on a site, they will not have the exact same capabilities as a full, paid, licensed member within your organization.

Thus, let’s take a look at the steps to remove an external user, using SharePoint Online Management Shell.

Note- Before proceeding further, make sure you have installed and configured SharePoint Online management shell in your PC. I’ve created a post on it and please check this link to access it.

1. Start SharePoint Online Management Shell.
2. Type the following cmdlet.
   
   $credential = Get-Credential
   
   Once you enter this cmdlet, you will get a Windows dialog box, asking for your Office 365 credentials. Please enter your credentials and then validate it by using the $credential cmdlet. This will return UPN with which you are signed in.
   
   
   
   
3. Once done, run the cmdlet, given below, to connect to your SharePoint Online tenant.
   
   Connect-SPOService -Url https://365vignesh-admin.sharepoint.com -Credential (Get-Credential)
   
   
   
   
4. Get the external user’s information (i.e. the one whom you want to remove) by running the cmdlet, given below-.
   
   $user = Get-SPOExternalUser -Filter [email protected] #Provide the email address of the user
   
   
   
   
5. Now, once you have retrieved the external user’s information, run the cmdlet, given below, to remove the user, as shown below-
   
   Remove-SPOExternalUser -UniqueIDs @($user.UniqueId)
   
   Click Y to confirm to remove the user, as shown in the screenshot, given below-
   
   
   
   
6. Once done, in order to remove the user from all SharePoint Online site collections, you need to run the cmdlet, given below. Please note that this command has to be ran for all the site collections, where the user has been granted access to.
   
   Get-SPOUser -Site https://365vignesh.sharepoint.com/teams/no02 -LoginName alan_eric- nolen.no#ext#@365vignesh.onmicrosoft.com
   
   Here, the login name is, what you get, when you search for this user on “Manage user profiles” section in SharePoint admin center.
   
   
   
   
7. Now, remove the external user, using the cmdlet, given below-
   
   Remove-SPOUser -Site https://365vignesh.sharepoint.com/teams/no02 -LoginName alan_eric-nolen.no#ext#@365vignesh.onmicrosoft.com
   
   
   
   
8. You can verify whether the user has been removed successfully by running the “Get-SPOUser”, which we ran in the previous step and it should return an error, thereby stating that the user cannot be found. This confirms that the user has been removed successfully.
   
   
9. Now, in addition to all the above mentioned steps, you need to remove the user from the UserInfo list as well, so that the user doesn’t show up in the people picker field, when you search for that user. For it, go to the site collection URL in question and edit the URL by adding the following string to the end of it-
   
   _layouts/15/people.aspx/membershipGroupId=0
   
   For example, if the site collection name is https://<vignesh>.sharepoint.com, then this is how, you need to edit the URL by adding the string.
   
   https://<vignesh>.sharepoint.com/_layouts/15/people.aspx/membershipGroupId=0
   
   
10. Finally, once the user has been removed from SharePoint Online as well as the site collection in question, the external user’s profile will still show up under “Manage user profiles” section in SharePoint admin center. This is quite normal and please wait for SharePoint Online to remove the user’s profile from SharePoint admin center. This task will take couple of hours and hence please check the status of that user’s account in SharePoint Online admin center after few hours .You will notice that the user’s profile has been removed successfully.
    
    
    
11. Once you have confirmed that the user’s account has been removed successfully, you need to clear the Browser cache. Please note that SharePoint Online uses Browser caching in several scenarios, including the People Picker. Even though, a user was fully removed from the system, he or she may still remain in the Browser cache. Clearing the Browser cache should resolve this issue.

Thanks for reading this post ….Happy SharePointing.