I have azure-devops organization (free license) and in my team already are 5 developers. Now we need to change one's developer email. Can user be deleted and added with new email address? I am not rushing to do that my self because afraid that if user will be deleted wont be able to add again. Have someone had this experience?
Can user be deleted and added with new email address?
As per the Documentation. A free License can have 5 users but not more than that so you can delete and readd users but it should be only 5
Below are the commands to add and delete the users
To Delete User
az devops user remove --user
[--org]
[--yes]
To Remove email address
az devops user remove --user contoso#contoso.com --org https://dev.azure.com/contoso/ --yes
To Add user
az devops user add –-email-id
--license-type {stakeholder}
[--send-email-invite {false, true}]
[--org]
For further information check Delete User and Add User.
I've contacted Microsoft support. And they told me that can't delete users and add again with different email. One solution is change exsisting account to stakeholder then add new one and set basic rights.
Related
I'm working off of Microsoft tenant to tenant migration preview as found here to move all our user email to a different tenant: https://learn.microsoft.com/en-us/microsoft-365/enterprise/cross-tenant-mailbox-migration?view=o365-worldwide
And I'm up to the step where I need to enable mail-users on the new tenant but nothing I have done so far has worked. I've been trying to use New-MailUsers to create a new external email address linked to the new user accounts but get an error that the proxy address is already in place so I have tried using the Set-User <identity> -PermanentlyClearPreviousMailboxInfo but that just says that it completed but nothing was changed.
I do have the new users created on the new tenant, and a couple of them are already licensed for mailboxes but the above does not work for either licensed nor unlicensed users.
Do I need to delete the user accounts completely and then try using the New-MailUsers to setup the external email address link for the new account? Or is there some step I'm missing somewhere?
Trying to make new mail enabled user
Trying to remove mailbox settings
The PowerShell error says that there is already a mailbox with that SMTP.
When you assign licenses, new mailboxes get provisioned. You need to remove everything, set up mail users with an exchangeGUID first, and then assign licenses.
From the article you referenced:
Users in the target organization must be licensed with appropriate Exchange Online subscriptions applicable for the organization. You may apply a license in advance of a mailbox move but ONLY once the target MailUser is properly set up with ExchangeGUID and proxy addresses. Applying a license before the ExchangeGUID is applied will result in a new mailbox provisioned in target organization.
When I joined my current company, a new user was created for me that had a random capitalized letter in the email address.
All attempts to fix the error were in vain, as there always remained some random place where the capitalization error showed up again.
In the end, IT decided the best solution was to just delete the user and start over (not a big deal as I was a new user).
So far, everything looked OK, until we noticed that in the Azure DevOps (TFS) the old user still showed up in search results, probably since it was not removed before the user was deleted.
As you can see, instead of an e-mail it shows the follwing:
OIDCONFLICT_UpnReuse_3f39b....
Is there a way to delete the old user permanently and prevent it from showing up?
Currently people can tag the old user, which is a big nuisance.
I'm not the IT guy, but I hope to find a lead to help them solve this issue.
Thanks!
You can delete the User permanently by using the below commands in Azure CLI
Note: the below mentioned command require admin access.
az devops user remove --user
--org
--yes
The above mentioned CLI command will help you in removing user permanently from the Azure Devops organization.
Example:
After user put email address
in the link put your organization name
Parameters
user: User's email to be removed.
org: Organization name from which user should be removed.
Below command will help you in configuring default organization if you are not configured
az devops configure -d organization=ORG_URL.
Use the below command if the default organization is picked up from different path
git config.
yes: Don't prompt for confirmation.
you can Refer for further details.
Sign in with a member user from Azure AD into the Azure DevOps organization and go to or click on "Settings / Azure Active Directory"
At the top, you will see a banner with the following message
4 member(s) of the x-ops organization can't sign in because they're not in the XOPSX Azure Active Directory. Delete any unwanted users in Organization settings, and then Resolve for remaining members. with a Resolve button next to it
You will have to click on Resolve to map the "Current Email" with the "Matched Identity in Directory" to map the user with its identity and resolve this issue.
I used personal e-mail as “Microsoft Identity” to sign-up for Azure Free Trial. My expectation is my e-mail ID is the root login for my account and associated identity is the root owner, and I think that was the case initially. Later, I deployed an Azure AD Tenant with a different name, turns out a bizarre pseudo-e-mail ID (UPN) became root owner of my parent account which I don’t have access for. Now I can’t delete subscriptions or the unwanted UPN. How can I reset my account to start from clean slate? One way is to use a different e-mail ID and get started with new account. I am wondering if some one can provide steps to perform clean-up and restart with same old e-mail ID / identity as root owner. Azure support plans start # $29.00/month and I am trying to avoid that.
Another symptom, I can't cancel supscription. It asks me to use contact owner, and that happens to be that bizarre very long email looking UPN which I can't use for login as those credentials aren't there.
You should contact Azure Support Team and raise a subscription ticket which is free for further help.
They can help you to manage your subscription owner and credit card / billing information from the backend.
We have an application which uses Azure B2C and Azure Active Directory.
Problem: User A wants to set his specific email address. But this is not possible because User B already used this email address before. User B has a proxyaddresses entry for this email, although User B does not use the emailadress anymore.
We tried to remove the smtp entry in proxaddresses for User B:
Azure Portal --> Values for ProxyAddresses are not editable
Windows Powershell
Connect-AzureAD -TenantId <TenantID>
$User = Get-AzureADUser -ObjectId "<ObjectIDUserB>"
$User.ProxyAddresses //Displays all proxyaddresses(smtpEntries)
$User.ProxyAddresses.Remove("<smtpEntry>")
Set-AzureADUser -ObjectId "<ObjectIDUserB>" //But then there is no parameter for ProxyAddresses to update
Are we missing something here or is there another way to remove a proxyadress entry for a user in azure ad?
Not sure if AAD Powershell can make it. But there is a quick way to do this.
You can log into O365 admin center with an admin account.
Find the User B and click on it. After the user details open, click on Manage username and email.
Then you can click on "···" -> Delete alias to remove the smtp proxaddress.
ProxyAddresses attribute for a unlicensed cloud-only user is read only unfortunately. There is a hacky workaround that will remove unwanted proxyAddresses for a cloud only unlicensed user though. Those steps are:
Soft-delete the user with the bad proxyAddress. Example: user#domain.com
Create a dummy user dummy#tenant.onmicrosoft.com and update this dummy user's mail attribute with the SAME email that you want to remove from the user soft-deleted in step 1.
Using the MSOnline powershell module run the following cmds:
Connect-MsolService
Restore-MsolUser -UserPrincipalName user#domain.com -AutoReconcileProxyConflicts
Confirm from Azure AD portal that the proxyAddress proxyaddresstoremove#domain.com has now been removed from user#domain.com account. From Azure AD portal, you may now delete dummy#tenant.onmicrosoft.com.
NOTE: This process is ONLY needed for a unlicensed cloud-only user. If user is a M365 liensed user you can use the M365 admin portal to remove the alias mentioned in another answer. If the user is a synchronized user from on-prem AD, then on-prem AD is the source of authority and you can update proxyAddress there and sync to AAD.
There is a very simple answer, I fought this for hours today. Simply run a powershell script to add the "smtp" address back to the account that you are showing it was on, then run a powershell to remove it. We had never AD Synced this account... only thing I can think of is when it was removed a while back from Exchange, it got hung up in Azure.
Add:
Set-Mailbox account#domain.com -EmailAddresses #{add="smtpaddress#domain.com"}
then Remove:
Set-Mailbox Account#domain.com -Emailaddresses #{remove="smtpaddress#domain.com"}
I am trying to give other users access to my resources in the Azure portal. I am trying to add them as a Contributor, but it seems like they are not able to see the resources when they login to the Azure portal.
Here's the access control list for the VM:
Any ideas why they can't see the resource when they login to the portal?
They are a Contributor.
When you add a user to an Azure subscription, s/he is also added to the directory if s/he isn't already there. This is considered an "invitation" that must be accepted before the user can get access. Tell the person to check their email, if this is the first time the email address has been added to a subscription in the directory. (Note that personal subscriptions are usually created along with a new directory whereas company subscriptions are usually in the company's directory.)
After accepting the invitation, s/he will need to switch to the directory before the subscription will be visible. You can do that in the top-right, like Juunas mentioned in the comment above. Here's a link to the directory switcher: https://portal.azure.com/#menu/account.
Steps to reproduce-
As owner:
Go to Resource Group you want to give access to:
Go to IAM:
Go to 'Add ROLE ASSIGNMENTS'
Search the name you want to give access to:
Select the Role (Contributor in your case)
Click Add and they will recieve an email.