Only Global Admin Account Locked Out After Enabling Azure Identity Protection Risky User Policy

William James Weatherall 1 Reputation point

Hey everybody,

I stupidly enabled the risky user policy in Azure Identity Protection and then tested it with the only global admin account behind a Tor browser. Needless to say, the account was blocked and I am now locked out of the tenant. It was a lab environment, so not the end of the world necessarily. However, I do have 2 VMs running. I haven't been able to find a way to get logged back in yet and was wondering if anybody has up to date support numbers for Microsoft so I can get a ticket to get this resolved. I am in New Zealand and the numbers I've found so far are either disconnected or just ask me to go online to log a ticket, which I haven't been able to do yet either.

I would really appreciate some guidance

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
20,194 questions
0 comments No comments
{count} votes

2 answers

Sort by: Most helpful
  1. Marilee Turscak-MSFT 35,806 Reputation points Microsoft Employee

    Hi @William James Weatherall ,

    If you are the only global admin on the account, you have these options:

    1.) Contact the technical support team via phone support.


    2) Call the Azure Data Protection team to get unlocked. Their phone number is (866-807-5850). Note that they are backed up at the moment and may be delayed in their reply.

    As we don't have access to unlock your account in the forums, you will need to reach someone on the support team to assist you. This is why it's recommended to have a break-glass account and recovery options enabled.

    If the information helped you, please Accept the answer. This will help us and other community members as well.

    0 comments No comments