Hello @Guy de Winton
Thank you for posting your query on Microsoft Q&A. I was able to review this and here is my understanding about the background,
You have setup an Azure AD domain via your personal/Microsoft Account (Gmail account username). This has led your Microsoft Account UPN to be global administrator. You are not able to reset the password for GA account from your tenant.
Please correct me in comments section if you find difference in my understanding
PFB answers to the questions:
-Is there a way to be able to be able to revoke the Active Directory domain provided identity password (as I can for the other users whose only identity is provided by the Active Domain)?
You could only change or reset password only for Azure AD users from Azure AD admin console. Any user entity created via external source such as MSA account or on-prem could be changed from on-prem AD (Until you have SSPR enabled for the user)
-In fiddling around with the previous question, I got into Cross-Tenant Access Settings in the External Identities section of the Active Directory and blocked everything - after which I was no longer able to log in with my MicrosoftAccount identity. But my user is not cross tenant. I am the primary administrator of my domain! I would love for someone to help me get my head around this...
This is because your MSA account is considered as an external B2B user. Kindly use an Azure AD user account as a tenant administrator.
-Finally, a bonus question... what is the best practice??? What should I be doing? What identity should the creator/admins of an Active Directory use to manage the Active Directory?
Once an Azure AD domain is setup, you should create an Azure AD domain admin account within your tenant. As B2B and synced users (on-prem users) would be managed via end users' options or on-prem domain admins respectively.
Please do let me know if you have any queries or suggestion in the comments section.
Thanks,
Akshay Kaushik
Please "Accept the answer", "Upvote" and rate your experience if the suggestion works as per your business need. This will help us and others in the community as well.