Any risks removing MSA account as primary user from Azure AD Tenant

Andrew Macaulay 141 Reputation points
2022-08-16T15:18:01.66+00:00

I have an old Azure environment that is no longer in use which was setup from my Microsoft Account (a personalised email on outlook.com). This MSA is used for my PC logons, outlook.com, Microsoft 365 Family subscription, family personalised email addresses, OneDrive Personal, Xbox subscriptions plus all my purchases of software through the store, so is REALLY important.

Ideally I would like to retire the Azure environment completely (to keep things simple going forward) but I want to be 100% sure that there will be NO impact on my Microsoft Account if I have the tenant deleted or at least the MSA account deleted from the Azure AD.

Are there any risks to my Microsoft Account and the critical to me (non-Azure) services that it provides if I remove this federated user from my Azure AD - the User Principal Name for the user is shown in Azure AD as "name_mypersponaldomain#EXT#@azuredomainname.onmicrosoft.com" with the Identity Issuer as "MicrosoftAccount" and the Sign-In Type as "federated".

My understanding of federated users says that there should (in theory) be no risks, but I had faced some issues with payment methods in this Azure environment stopping me deleting an old credit card from my Microsoft Account (now resolved), so there are obviously some other interactions between the environments.

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,388 questions
0 comments
Accepted answer
  1. Vukasin Terzic 341 Reputation points MVP
    2022-08-16T16:54:46.577+00:00

    Hello Andrew,

    I went over a similar process recently, so I can speak from the experience :)

    In general, deleting the Microsoft Tenant won't affect your account (your outlook.com email, other Microsoft services connected to it, ...)

    Deleting the entire tenant (not just a subscription) requires some clean-up first. For example, you need to have everything paid first and no outstanding debt. You need to delete all other users and leave just one Global Administrator. If the account was synchronized, you need to stop the synchronization. You need to delete all the Apps. Etc. After that, it's all good :)

    Deleting the tenant will then remove it, you won't be able to see it under AAD Admin Center anymore. But your account will stay and continue to function as usual.

    I hope this answered your question :) If it did, please select it as an acceptable answer.

    Vukasin

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest