For a full list of attributes restored by On Demand Recovery, visit the On Demand Recovery Supported Attributes guide.
For a full list of attributes restored by On Demand Recovery, visit the On Demand Recovery Supported Attributes guide.
Microsoft Entra Connect synchronizes many attributes for users and groups from on-premises Active Directory but there are also cloud objects, properties, and links to Microsoft 365 resources which are not protected by Microsoft Entra Connect and restored only with On Demand Recovery.
Table 9: Types of cloud-only objects restored by On Demand Recovery
| Object Type | Description | Azure Recycle Bin |
|---|---|---|
| Guest users | A Microsoft Entra business-to-business (B2B) collaboration user that typically resides in a partner organization and has limited privileges in the inviting directory. | 30 days |
| Microsoft 365 Groups | Groups that are used for collaboration between users, both inside and outside the company. | 30 days |
| Cloud only Security Groups | Groups that are used for granting access to Microsoft 365 and Microsoft Entra ID resources. | No |
| Dynamic Security Groups | Groups with dynamic rule-based membership. | No |
| Dynamic Microsoft 365 Groups | Microsoft 365 Groups with dynamic rule-based membership. | 30 days |
| Devices | Device registration records in Microsoft Entra ID. | No |
| Application Registration | Stores application manifest (non-Gallery application manifests are not supported), logo, sign in, up URLS and other information. | 30 days |
| Conditional Access Policies | Microsoft Entra policies that are used to control user access to cloud applications and resources. | No |
| Named Locations | Named lists of IP prefixes that are used in Conditional Access Policies. | No |