I have an application in Azure that's listed under 'App registrations' -> 'Applications from personal account' that I would like to move to a directory so other users in the company can manage it.
There's an info message that has this to say about personal account applications:
These applications are associated with the account xxxxxxxxxxxxx but
are not contained within any directory. They are shown here so you
can manage them, but will not be available to other users or admins in
this directory.
Is there any way to move it? I haven't been able to find any info on this, and seeing as it's in use in the wild by thousands of users I would prefer not to create a new one and have them re-authorize.
I have confirmed this with Azure support engineer. The answer is no. Here is the reply. Hope it helps.
Your applications were created in converged app portal by your
Microsoft account. After lab tested, the Apps owner cannot be changed
to a work account because the MSA account is not contained within any
AAD. The workaround would be re-create it in the new tenant for your
application.
Related
My team already has a working Azure DevOps account. I would like to start an Azure subscription / Active Directory to begin linking our DevOps to App Services and other Azure products.
However, any time I click on a link to get started with Azure, I am met with a perplexing paradox trying to log in.
First I'm told that I can't log in because my MS account isn't found:
But if I try to "Create one!" or "get a new Microsoft account", I'm told it already exists:
I've taken out the email address being used, but I've confirmed they are the same between the two screens (I'm not even typing anything; all I'm doing is clicking "Next" on each screen).
I know that this MS account is valid. It's the same one I use to sign in with Azure DevOps and many other MS services. I'm not sure why I can't log in to the Azure set up platform. And there doesn't seem to be any kind of support options with Azure before you become a subscriber, so I thought I'd try my luck posting the issue here.
Thanks for any help!
You can connect your Azure DevOps organization to Azure Active Directory (Azure AD). Kindly checkout this document - About accessing your organization via Azure AD
Just to clarify, I hope you are an administrator on the subscription.
https://learn.microsoft.com/azure/devops/organizations/accounts/faq-azure-access?view=azure-devops
When your sign-in address is shared by your personal Microsoft account and by your work account or school account, but your selected identity doesn't have access, you can't sign in. Although both identities use the same sign-in address, they're separate: they have different profiles, security settings, and permissions.
Sign out completely from Azure DevOps by completing the following steps.
Closing your browser might not sign you out completely.
Sign in again and select your other identity.
https://learn.microsoft.com/azure/devops/organizations/accounts/faq-azure-access?view=azure-devops
To connect your organization to Azure AD.
Sign in to your organization, https://dev.azure.com/{yourorganization}).
Select gear icon > Organization settings.
Select Azure Active Directory, and then select Connect directory.
We have a Office365 account that uses Azure Active Directory for our company e-mail accounts. We have a totally separate (different login) Microsoft Azure account that we have been using without touching Azure Active Directory within.
We are looking to implement Azure Active Directory within our apps, and would like to use our existing O365 Active Directory since it already has all the users created. Is there any way for us to somehow link our Azure account to the O365 account so we can use that active directory in our Azure account?
I have found some examples, but they all seem to use the premise that you are logging into both Azure and O365 with the same credentials. That is not how ours is setup unfortunately.
If you are interested in combining the two (usually keeping O365 identities and making that AAD the default for your Azure subscription), you can contact Microsoft directly and they will be able to manually pair the two. As of 6 months ago (last time I did this) there was no way to do this yourself without assistance from MS.
You can open tickets through the Azure portal or the Office 365 web site.
Found a article that got me pointed pointed in the right direction and I was able to get this done:
How to associate or add an Azure subscription to Azure Active Directory
Ultimately I needed to have one Microsoft account that had sufficient permissions on both Active Directory tenants. It was tricky because both accounts were different Microsoft accounts using the same e-mail address, and either directory would not let me add another account with a duplicate e-mail address. I used a separate Microsoft account and added it as a AD guest on both directories. Once that was done, I was able to login with the new account with access to both directories and pick which directory I wanted to use within my Azure account.
I have an account in VSTS, which have both personal and work account. I have a project named abc.visualstudio.com under my work account. I would like to change this project to my personal account.
Changing ownership to a different person is quiet easy in VSTS. Changing a project from one directory to another of the same person is a bit tricky and I am struggling to get this done.
Make sure that "xyz#hotmail.com" is the current owner of the VSTS account and then disconnect the VSTS account from the linked Azure AD, the owner will switch to the Microsoft Account with "xyz#hotmail.com".
One important thing you need to know is that disconnecting VSTS from AAD will cause the other users who use the work account cannot sign in. So you need to make sure that all the other users also switch to microsoft account.
I'm a developer that has an Azure account for my own dev stuff. I log into my dev account using me#hotmail.com.
Next, I set up a client with their own Azure account, then invited myself via me#hotmail.com and set myself as a co-administrator for the client's subscription. When I subsequently log into Azure using me#hotmail.com, I only see my own subscriptions/resources, etc.
Is there a way that I can log into Azure, using me#hotmail.com, and have access to both my dev stuff as well as my client's subscription from within the portal (specifically portal.azure.com).
Not sure if this is supported or if I'm doing something wrong. Thanks
You can only view subscriptions for a single directory at a time.
If you click your name in the top right corner of the portal you can select which directory you want to work from.
There is a suggestion on the Azure feedback site to add the ability to view subscriptions from all directories: http://feedback.azure.com/forums/223579-azure-preview-portal/suggestions/4761959-manage-subscriptions-across-all-available-director
I can't seem to figure out how I can delete the tenant which I have created from my Azure Subscription. Can anyone help me figure out how to do this? It sounds like it should be easy to do, but maybe I'm missing something.
Currently you cannot remove AAD tenant from the Azure Portal. You also cannot rename it. The good thing is that you are not being charged for it if you are not using any special features (i.e. even if you use for just authenticating without the Two-Factor-Authentication it is still free!). And I don't recall to have seen an API via which you would be able to remove an AAD tenant.
UPDATE
As of November 2013 you are able to rename Azure AD, Add new Azure AD, change default AD for a subscription, delete Azure AD(as long as there is not subscription attached, and no user/groups/apps objects in it).
We were eventually able to delete an Azure Active Directory instance after we deleted all mapped users (except for the administrator who was logged in) and groups.
Make sure you go through the following list of possible causes for not being able to delete your Azure AD:
You are signed in as a user for whom <Your Company Name> is the home directory
Directory contains users besides yourself
Directory has one or more subscriptions to Microsoft Online Services.
Directory has one or more Azure subscriptions.
Directory has one or more applications.
Directory has one or more Multi-Factor Authentication providers.
Directory is a "Partner" directory.
Directory contains one or more applications that were added by a user or administrator.