How can I assign the Global Administrator role if the main admin account is blocked?

Moazzem Hossain 0 Reputation points
2024-12-11T06:50:45.8866667+00:00

Our primary Global Administrator account is blocked, and no other accounts currently have the Global Administrator role. We urgently need to assign this role to an active account to manage Azure AD effectively. Are there any steps or alternatives to resolve this issue, such as using another admin role, contacting Microsoft support, or any tools available? Any guidance would be appreciated.

Microsoft Security | Microsoft Entra | Microsoft Entra ID

2 answers

  1. Andreas Baumgarten 123.8K Reputation points MVP Volunteer Moderator
    2024-12-11T07:43:44.43+00:00

    Hi @Moazzem Hossain ,

    the best option might be to create a support request with Microsoft in the Microsoft Entra ID admin center or the Azure Portal. Navigate to Help + support and create a support request.

    On the page Recommended solutions click on Return to support request.

    On the following page add required information and submit the request.


    Kind regards

    Andreas Baumgarten

  2. Sandeep G-MSFT 20,921 Reputation points Microsoft Employee Moderator
    2024-12-12T06:04:00.43+00:00

    @Moazzem Hossain

    Thank you for posting this in Microsoft Q&A.

    As I understand, in your organization the primary Global admin has been blocked. Currently you do not have any admin to manage your Entra ID as there are no Global admins. You want to know if any other admin can assign the Global admin role to anyone else.

    Yes, you can get the Global admin role assigned to some other account only if you can log in with an account which has the Privileged Role Administrator role.

    This role has the ability to assign the Global admin role to any other account within Entra ID.

    If you do not have any other account with Privileged Role Administrator, then the only option is to contact support and the data protection team to unblock your Global admin account.

    If you are the only global admin on the account and are blocked entirely, you can reach out to our support team. You can look into the article below to get support numbers depending on your country.

    https://support.microsoft.com/en-us/topic/global-customer-service-phone-numbers-c0389ade-5640-e588-8b0e-28de8afeb3f2

    or create a ticket through a different account: https://learn.microsoft.com/en-us/microsoft-365/admin/get-help-support?view=o365-worldwide#phone-support

    Create a ticket with the Microsoft support team. Give them the tenant ID which is locked out in your description. Tell them that no admin account has access anymore and your partners also have no access anymore.

    Once you create a ticket with the support team you will have to work with our data protection team. You will have to first prove your identity against your tenant for security purposes. Post that, this team will help you in getting access to your tenant or unlock your account depending on your scenario.

    Also, for the future, you can create an emergency access account (break glass) in Azure AD. This account will help prevent being accidentally locked out of your Azure Active Directory (Azure AD) organization because you can't sign in for any reason.

    https://docs.microsoft.com/en-us/azure/active-directory/roles/security-emergency-access

    Let me know if you have any further questions on this.

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.
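
The recovery path described in the answer above (use a Privileged Role Administrator account if one can still sign in, otherwise open a support ticket), written as an added Python check that is not part of the original thread or any Microsoft tooling. It assumes a JSON export of role members whose field names follow Microsoft Graph's directoryRole and user resources; the sample data and function names are constructed for illustration, and the check goes one step further by flagging a tenant that has only a single usable Global Administrator.

```python
import json

# Built-in role template IDs, identical in every Entra ID tenant.
GLOBAL_ADMIN = "62e90394-69f5-4237-9190-012177145e10"
PRIV_ROLE_ADMIN = "e8611ab8-c189-46e8-94e1-60213ab1f814"

# Constructed sample export (assumed shape: roles with their members expanded).
SAMPLE_EXPORT = json.loads("""
{"value": [
  {"displayName": "Global Administrator",
   "roleTemplateId": "62e90394-69f5-4237-9190-012177145e10",
   "members": [{"@odata.type": "#microsoft.graph.user",
                "userPrincipalName": "admin@contoso.example",
                "accountEnabled": false}]},
  {"displayName": "Privileged Role Administrator",
   "roleTemplateId": "e8611ab8-c189-46e8-94e1-60213ab1f814",
   "members": [{"@odata.type": "#microsoft.graph.user",
                "userPrincipalName": "pra@contoso.example",
                "accountEnabled": true}]}
]}
""")


def usable_holders(export, template_id):
    """Return UPNs of enabled user accounts assigned directly to the role."""
    holders = set()
    for role in export.get("value", []):
        if role.get("roleTemplateId") != template_id:
            continue
        for member in role.get("members", []):
            # Simplification: only direct user members are counted; groups,
            # service principals and PIM-eligible assignments are ignored.
            if (member.get("@odata.type") == "#microsoft.graph.user"
                    and member.get("accountEnabled") is True):
                holders.add(member["userPrincipalName"])
    return sorted(holders)


def lockout_status(export):
    """Classify the tenant's recovery options as described in the answer."""
    ga = usable_holders(export, GLOBAL_ADMIN)
    pra = usable_holders(export, PRIV_ROLE_ADMIN)
    if len(ga) >= 2:
        return "OK", ga, pra
    if len(ga) == 1:
        return "SINGLE_GLOBAL_ADMIN", ga, pra  # one block away from lockout
    if pra:
        return "RECOVER_VIA_PRIVILEGED_ROLE_ADMIN", ga, pra
    return "SUPPORT_TICKET_ONLY", ga, pra
```

Run periodically against a fresh export, a `SINGLE_GLOBAL_ADMIN` result is the cue to create the emergency access account the answer recommends.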

