Key Points
- Microsoft 365 restore testing is the only way to prove you’ve closed the shared responsibility gap. Microsoft is responsible for platform uptime, but customers are responsible for data recovery. Regular restore testing confirms that retention policies, admin access, and backup tools actually allow data to be restored when users, ransomware, or misconfigurations cause data loss.
- Microsoft 365 restore testing ensures Exchange, OneDrive, and SharePoint data can be recovered, not just backed up, within defined RTO and RPO targets.
- Testing restore scenarios proves business continuity, compliance, and audit readiness for MSPs and IT teams.
- Native Microsoft 365 retention has limitations, making third-party SaaS backup critical for granular, point-in-time restores.
- Documenting restore results against RTO/RPO benchmarks helps identify gaps and reduce data-loss risk.
- Automating restore validation with PowerShell, Microsoft Purview, and Graph API improves accuracy, scalability, and compliance.
IT experts know that backing up Microsoft 365 (M365) workloads is essential. Even Microsoft itself states that doing so “ensures your organization’s data is always protected and easily recoverable”. What many business leaders forget to plan for is how to get their data back. After all, it doesn’t matter how well a software solution can back up data if you cannot restore it.
Absolute assurance comes from running Microsoft 365 restore tests, which simulate real-world data loss and measure recovery against your RTO (Recovery Time Objective) and RPO (Recovery Point Objective).
By testing restore scenarios in Exchange Online, OneDrive, and SharePoint, MSPs can:
- Confirm data can be recovered within the required timeframes
- Validate backup configurations against compliance obligations
- Provide evidence of resilience during audits or client QBRs
- Spot configuration gaps before a real incident occurs
This guide walks you through step-by-step restore testing using built-in M365 features, third-party backup tools, and optional scripting.
📌 Prerequisites:
- Global Admin or delegated admin permissions
- Access to M365 admin center + workload-specific portals (Exchange, SharePoint, OneDrive)
- Active SaaS backup solution or reliance on native retention features
- Defined RTO and RPO benchmarks
- Documentation repository (e.g., SharePoint, IT Glue)
📌 Recommended deployment strategies:
| Click to Choose a Method | 💻 Best for Individual Users | 💻💻💻 Best for Enterprises |
| Method 1: Define test scope and success criteria | ✓ | ✓ |
| Method 2: Test Exchange Online mail restore | ✓ | ✓ |
| Method 3: Test OneDrive restore | ✓ | ✓ |
| Method 4: Test SharePoint restore | ✓ | ✓ |
| Method 5: Document and compare against RTO/RPO | ✓ | ✓ |
| Method 6: Automate restore test validation | ✓ | |
| Method 7: Report and integrate results into governance | ✓ | ✓ |
⚠️ Important:
- Methods 1, 5, and 7 are universal (you can’t skip them if you want a complete framework).
- Methods 2–4 test each M365 workload individually.
- Method 6 (automation) is optional but recommended for enterprises managing scale and compliance.
Method 1: Define test scope and success criteria
📌 Use Cases: To create a repeatable, business-aligned restore testing plan for M365
📌 Prerequisites:
- Access to a documentation repository (SharePoint, IT Glue, Confluence, etc.)
- Defined RTO (how quickly data must be restored) and RPO (how much data you can afford to lose) benchmarks
- Agreement on which workloads and user accounts will be tested
Steps:
- Pick representative targets: Select at least one mailbox, one OneDrive account, and one SharePoint site for testing.
- Define restore objectives: Write down what you expect. (E.g., “Recover a deleted email within 15 minutes” or “Restore a SharePoint library to yesterday’s state.”)
- Align with RTO/RPO: Make sure your test objectives reflect your defined recovery time and data loss tolerances.
- Document your plan: Save your test scope, chosen data sets, and success criteria in your documentation tool.
Deliverable: A written test plan outlining workloads, test data, and expected outcomes
Method 2: Test Exchange Online mail restore
📌 Use Cases: To validate that Exchange Online emails can be restored quickly and accurately
📌 Prerequisites:
- Global Admin or Exchange Admin permissions
- Access to Outlook, Outlook Web Access (OWA), or Exchange Admin Center (EAC)
- Backup solution configured (if testing third-party restore)
(A) Native restore
- Open Outlook or OWA.
- Go to Deleted Items.
- Select Recover items deleted from this folder.
- Restore messages (available up to 14–30 days by default, depending on retention policies).
- For purged items, use Exchange Admin Center or run PowerShell commands:
(B) Backup tool restore
- Open your backup tool’s console. We recommend using NinjaOne Saas Backup for its ease of use.
- Select a test mailbox.
- Choose the email(s) to restore.
- Restore in place (back to the mailbox) or export to a PST file.
- Validate by checking restored message visibility and timestamps.
Deliverable: Verified restore of a test email that matches the expected RTO/RPO
Method 3: Test OneDrive restore
📌 Use Cases: To confirm that OneDrive files or accounts can be restored after accidental deletion or ransomware
📌 Prerequisites:
- OneDrive admin permissions or delegated access
- Backup solution with OneDrive integration (if applicable)
(A) Native restore
- Log in to the user’s OneDrive.
- Open the Recycle Bin.
- Restore files (default 30 days, up to 93 days in some cases).
- Use Files Restore to roll back the entire OneDrive to a state within the last 30 days.
(B) Backup tool restore
- In your backup console, select the OneDrive user.
- Choose file(s) or folder(s) to restore. Restore them to the original or alternate path.
- Validate by checking file versions, permissions, and sharing links.
Deliverable: Verified recovery of OneDrive files and/or account state
Method 4: Test SharePoint restore
📌 Use Cases: To validate that SharePoint sites and libraries can be restored within retention or from backup.
📌 Prerequisites:
- SharePoint Admin permissions
- Access to target SharePoint site(s)
- Backup solution with SharePoint support (if applicable)
(A) Native restore
- Open the site’s Recycle Bin.
- Restore deleted files.
- If not found, check the Site Collection Recycle Bin.
- Use Version History on documents to roll back to an earlier version.
(B) Backup tool restore
- Select the target site or library in your backup tool.
- Restore content in place or to a temporary validation site.
- Validate by checking files, lists, and permissions.
Deliverable: Confirmed recovery of SharePoint files, libraries, or site structures
Method 5: Document and compare against RTO/RPO
📌 Use Cases: To measure actual restore performance against business-defined RTO/RPO.
📌 Prerequisites:
- RTO/RPO benchmarks established
- Documentation repository (g., SharePoint, IT Glue)
Steps:
- After completing restore tests (either Methods 2, 3, or 4), record the start and end time of each restore.
- Compare the restore duration against your defined RTO.
- Check restored data freshness against your defined RPO.
- Note any errors, delays, or missing items.
- Save results in your documentation system.
Deliverable: A restore validation log that shows success or gaps against RTO/RPO
Method 6: Automate restore test validation (optional)
📌 Use Cases: To streamline and scale restore validation for M365 workloads.
📌 Prerequisites:
- Admin permissions for Exchange Online, OneDrive, and SharePoint
- PowerShell access (for Exchange Online validation)
- Microsoft Graph API access (for OneDrive/SharePoint validation)
- Optional: Backup tool API access
(A) Exchange Online
- Open PowerShell.
- Execute this command:
| Connect-IPPSSession $User = “[email protected]” $SearchName = “RestoreTestCheck-$(Get-Date -Format yyyyMMddHHmmss)” New-ComplianceSearch -Name $SearchName -ExchangeLocation $User -ContentMatchQuery ‘subject:”Restore Test”‘ Start-ComplianceSearch -Identity $SearchName do { Start-Sleep 5 } while ((Get-ComplianceSearch -Identity $SearchName).Status -ne “Completed”) Get-ComplianceSearch -Identity $SearchName | Select-Object Name, Status, Items, CreatedTime |
💡 This method is supported in all current Exchange Online tenants, confirms whether restored emails are discoverable, and allows the results to be logged automatically for validation or audit reports. In addition, this step uses a Compliance Search (Microsoft Purview) to automatically verify that restored test messages are discoverable and logged for validation.
(B) OneDrive/SharePoint
Use the Microsoft Graph API to confirm that files have been restored or to check the version history.
(C) Centralize Results
- Export validation results to a CSV file or log.
- Save logs in your documentation system for audits.
Deliverable: Automated validation logs proving restores were successful.
Method 7: Report and integrate results into governance
Keep in mind that Method 7 assumes you have already completed restore testing using Methods 1–6.
📌 Use Cases: To provide compliance evidence and transparent reporting for clients and stakeholders.
📌 Prerequisites:
- Access to a reporting or documentation platform (SharePoint, IT Glue, Confluence, etc.)
- Defined reporting process for QBRs or audits
Steps:
- Consolidate test results into a single report or dashboard.
- Store reports in your documentation system or SharePoint.
- Present results during QBRs or audits.
- Create tickets for any restore failures, delays, or gaps in coverage.
- Use results to plan remediation actions or justify new backup tooling.
Deliverable: A client-facing restore validation report or governance dashboard
Automation touchpoint example
Automation helps you run restore tests on a schedule, validate results, and document findings without heavy manual effort.
Steps:
- Trigger test deletions in Exchange, OneDrive, and SharePoint (create controlled test items, then delete them).
- Run restores automatically using your backup tool’s API or PowerShell scripts.
- Validate results using Microsoft Purview Compliance Search for Exchange Online or Microsoft Graph API queries for OneDrive and SharePoint to confirm that restored items exist and meet recovery objectives.
- Log results to a CSV file or structured log format for easy tracking.
- Distribute results by emailing the log to admins or syncing to your documentation system.
- Archive findings in your central repository (SharePoint, IT Glue, NinjaOne Docs, etc.) for future reference.
Deliverable: A repeatable automation workflow that saves time, ensures consistency, and provides audit-ready restore validation logs.
⚠️ Things to look out for
| Risks | Potential Consequences | Reversals |
| Incomplete documentation of restore tests | Audit findings or compliance gaps | Re-run tests and update the documentation immediately. |
| Reporting only successes, not failures | False sense of security, unaddressed risks | Include both successes and failures in reports, and mark failures for remediation. |
| Not standardizing the reporting format | Confusing results across QBRs or clients | Adopt a simple template or dashboard for all reports. |
| Skipping governance integration | Restore testing remains ad hoc | Schedule reporting as part of quarterly governance or MSP service reviews. |
Best practices summary for an M365 data restore
- Define scope and success criteria: Set clear objectives before testing so that restores are tied to business needs and compliance requirements.
- Test Exchange Online restores: Verify that deleted or purged emails can be recovered within the retention or backup window.
- Run OneDrive restore tests: Check both single-file recovery and full account rollback to confirm resilience against accidental deletion or ransomware.
- Validate SharePoint restores: Restore document libraries, lists, and permissions to prove site-level recovery paths are intact.
- Document every restore test: Capture results consistently to stay audit-ready and demonstrate transparency.
- Compare results against RTO/RPO: Measure recovery times and data freshness against targets to confirm performance meets business expectations.
- Automate validation where possible: Use PowerShell, Microsoft Purview Compliance Search, Graph API, or backup tool APIs to reduce manual steps. Automation speeds testing, ensures consistency, and lowers the risk of human error.
How NinjaOne can help restore M365 files
NinjaOne can support your M365 restore testing framework by:
- Scheduling recurring automation or backup tasks (e.g., quarterly) for Microsoft 365 accounts
- Running PowerShell scripts automatically to validate Exchange Online restores
- Centralizing documentation by storing restore logs, CSV files, and screenshots in NinjaOne Documentation.
- Generating customizable reports on backup and restore performance that can support QBRs or compliance reviews.
- Creating tickets automatically for failed backup or restore events to ensure timely remediation
Additionally, NinjaOne’s Backup can serve as a complementary solution for M365 environments, with features such as:
- Flexible compatibility with on-premises, cloud-based, and hybrid storage infrastructure
- Fast, granular recovery options for various file types
- Centralized data management for minimized use of additional third-party tools
Quick-Start Guide
NinjaOne does support these restore scenarios (Mail, OneDrive, and SharePoint.) based on the product capabilities. Here’s what you can generally expect:
Microsoft 365 Restore Capabilities
1. Mail Restore
- Full mailbox restore to the same or different user
- Selective restore of specific emails/folders
- Point-in-time recovery
2. OneDrive Restore
- Full OneDrive restore to same/different user
- Folder/file level restore
- Version history recovery
3. SharePoint Restore
- Site/subsite restore
- Document library restore
- Version history recovery
Testing your M365 restore
Testing restore scenarios in M365 is essential when backing up data. By validating restores across Exchange, OneDrive, and SharePoint, MSPs gain assurance that their business-critical data is always available, even in the worst-case scenario.
Related topics:
