I used personal e-mail as “Microsoft Identity” to sign-up for Azure Free Trial. My expectation is my e-mail ID is the root login for my account and associated identity is the root owner, and I think that was the case initially. Later, I deployed an Azure AD Tenant with a different name, turns out a bizarre pseudo-e-mail ID (UPN) became root owner of my parent account which I don’t have access for. Now I can’t delete subscriptions or the unwanted UPN. How can I reset my account to start from clean slate? One way is to use a different e-mail ID and get started with new account. I am wondering if some one can provide steps to perform clean-up and restart with same old e-mail ID / identity as root owner. Azure support plans start # $29.00/month and I am trying to avoid that.
Another symptom, I can't cancel supscription. It asks me to use contact owner, and that happens to be that bizarre very long email looking UPN which I can't use for login as those credentials aren't there.
You should contact Azure Support Team and raise a subscription ticket which is free for further help.
They can help you to manage your subscription owner and credit card / billing information from the backend.
Related
I created an Azure Devops organization using my hotmail account.
For this reason, I am the owner of this organization.
Then I wanted to bind this organization to an Azure Active Directory, so I went here and I attached my Azure AD
Then by mistake I added a new user to my Organization, however I chose a user belonging to another Azure AD so he is seen as an external user here.
Finally, I removed the hotmail user from the users page. As a result, the hotmail user is still the owner
, however he is not a member of the organization any more, so I can't enter any more:
Of course I may click "Request Access", however this request will be sent to the same hotmail account who is owner but is NOT a user... deadlock!
Can you help me please with an hint, I need to access my repos and Azure devops pipelines.
Thank you very much
I found it. This is the article which solved this problem.
Briefly, for organizations connected to Azure AD if the Owner and all other Project Collection Administrators are inactive in Azure AD, you can transfer ownership to another user.
I have two azure subscriptions, one personal, tied to my Microsoft ID, and another under a different Microsoft ID for a charitable organization where I am the one-man IT/web dev guy. I created the org's azure account/subscription myself. I can't figure out how to create websites, etc. under my personal MS ID login without logging in and out of the separate microsoft IDs to manage both sets of Azure resources.
Logging in with the org's MS ID, in the azure portal I've made my personal ID a subscription admin (Subscriptions>Access Control>Add my personal MS ID, then right clicked to make co-administrator. This is confirmed since now a right click shows "Remove co-admin" so that implies it's correctly set up as a subscription co-admin. That user is also in the Owner Role.
Step 2, in the Active Directory for the org subscription, Users and Groups>All Users>New User, added my personal MS ID. Then I select that user, click Directory Role on the left menu, and selected Global Administrator radio button and save.
So now my personal MS ID user is a subscription co-admin and a AD Global admin in the org's azure portal.
To check, if I then go to any resource group or App Service and look at Access control I see my personal MS ID user listed as an Owner for that resource and all other resources. So everything looks good.
So if I log out of the org ID and log in with my personal MS ID and go to the Azure portal, I see my usual personal Azure account resources. But I don't understand how to either see and manage those resources in the org's Azure subscription or how to switch subscriptions, or switch directories (it's not listed on the top right), and when creating a new resource, I have no option for the org's subscription to use. How do I see/manage those resources in the org's directory? Is this even possible? Or do I need to log out and log in with the org's MS ID, which is a major annoyance since it also logs me out of outlook etc. when I switch IDs.
Azure Subscriptions are "housed" within a specific Azure Active Directory Tenant. You should treat an AAD Tenant as the top level object structure, in that each Tenant is entirely separated from each other Tenant.
If you had multiple subscriptions within a single tenant, you would be able to sign in one time, and gain access to all those subscriptions.
However, since these subscriptions look like they are in different Tenants, there is no way to avoid logging in two times to access the two subscriptions. To expand on this, there would be no way to avoid logging in two times to access any unique objects across these two Tenants.
For me, the answer was
Access Azure portal login page
Click "Sign in as a different user"
type the exact same email address
select "School or Work account" option.
This one was tied to the Azure AD and they reset my password through there. Not sure it really helps you cos signing in and out all the time still a thing, but it took me far too long to get this right so thought i'd share.
When I try to sign in to Azure with my Company Given user account, I get the following message:
"We were unable to find any Azure subscriptions where you are a service administrator or co-administrator.
You are signed as username in the directory random_name.onmicrosoft.com."
I'd like my username associated with another yourcompanyname.onmicrosoft.com that others in my company are using. Ideas?
Thanks!
You need to make sure that the account you're using to login to the portal with is associated with the correct active directory that you want to use, and that you have permissions in the subscription you want to access as well. If you're using a Microsoft account, then you will need to ask whoever controls the directory for your company account to add your account to the directory - or get them to create you a user in the directory with the name yourusername#yourcompanyname.onmicrosoft.com, and login with that instead.
I am using my work email address to set up multiple Azure IaaS environments. When I log into Azure, I get asked if I want to use the "Work or School Account" or "Personal Account" - both referring to the same email address.
I don't recall setting up anything in terms of personal accounts, or linking my work email as a Microsoft Outlook.com/Hotmail/etc account.
Access to the subscription has been applied to my Personal account, not the work one.
When granting access, there's no way to pick which one you're giving access to.
Couple of questions
I've created some VMs but want them to be linked to my work account. Can I change this?
How do I unlink my work email from Personal. I want to use work just for work, and not have any confusion between the two.
See this screengrab for more information:
There are few problem with your account so lets go over them one by one.
First means that now you have 2 different accounts one it is your work account another one it is your microsoft account. You can create both of them with the same email since they are from 2 different tenants.
This is a concept important or you to understand there is something on Azure that it is over the subscription that is the tenant
Tenant
|- Subscription
|- Resource Group
|- Resource
All subscription under the same tenant have the same Authentication method, this Authentication method can be linked to an Azure Active Directory ( Office 365 subscriptions are Azure Active Directory ) So you can open a request to microsoft to transfer your subscription to your company tenant. if you do this all the resources under it will be transferred to your other authentication. You can open this ticket on the portal.
If you don't want your personal account anymore you can close it on https://account.live.com/closeaccount.aspx
Thanks to those who edited the question for me, my line-breaks didn't work by default, I'll ensure that I get it write next time. I was only allowed to post the image as an attachment being first-time poster, someone fixed that for me.
The answer from Gabriel Monteiro Nepomuceno was correct and touched on the root cause, but there's one element I didn't include in my question.
Regarding the tenant: the tenant is created under the company account of "company.com". I am a sub-contractor and was granted access to my own account at "benscompany.com". Azure support have advised that its only possible to grant access to different account via the personal account.
I have two businesses and each has an Azure subscription. I'm an admin for each using my same MS email account.
Bill is only involved in one of the subscriptions, but when I log into my subscription "Local Happenings" (to which Bill should have no access) I still see his email address in the URL.
This picture shows it better:
https://db.tt/kvuccFOO
I'm wondering why this is, and if it could potentially be a problem.
My fear is that if he decides to cancel his business's account, then he will cancel mine or something.
I tried again to create a new subscription to verify I wasn't already logged into his subscription (I used a different browser), but it still shows his email address in the URL.
Anyone have any ideas?
UPDATE 1:
https://db.tt/QHJrfIno
I see that my subscription is under his "default directory". I never selected this when creating my subscription. How do I change this, and is it the culprit?
What shows under the "Active Directory" tab in the management portal for each Subscription? When you say "MS email account" is that an old hotmail-type account or one registered via Office 365 or Azure?
The fact that the account showing in the URL has #XXX.onmicrosoft.com address suggests there is a link back to an Azure Active Directory (AAD) instance. If this is shared between the subscriptions (potentially as a login from it was used to create on of the subscriptions) then this would be the cause.
You need to make sure a non-AAD account is an admin on the subscription so that removal of an associated Azure AD instance will not orphan the subscription.
Have a read of the AAD documentation here for more information: http://msdn.microsoft.com/library/azure/dn629581.aspx