Can't Delete Azure Active Directory

Marlis Septian 6

Hi Guys,

So I want to delete my azure AD lab environment, but everytime I want to delete the directory it's say that i need to delete all of my enterprise application. But, there are not any enterprise application listed.

When I create global admin user, the status of enterprise application is checked and now of course the Users status is uncheck cause there are still user in it.

Take a look at my screenshoot below.

Enterprise Application status in uncheck
There are no enterprise application
Now user is uncheck

*Note : Why I'm creating the user again is cause I want to delete the enterprise application via power shell, but when I create the user the status for my enterprise application is check (means there are no application)

9 answers

Amitabha Roy Chowdhury 11 Reputation points

2020-07-27T14:17:23.22+00:00

What was the resolution to this problem? I am facing exactly the same situation.
Please sign in to rate this answer.

2 people found this answer helpful.

0 comments No comments
Sign in to comment
Anonymous

2020-12-01T21:24:11.167+00:00
Had this same issue. My solution for me was as explained by @soumi-MSFT - there are service principals which seem to get added to the tenant which block deletion. I logged into the Az PoSH module and issued the command Get-AzADServicePrincipal and you see them here.

Problem is, some of these are not removable and give error: "Remove-AzADServicePrincipal: Specified App Principal ID is Microsoft Internal"

The way I got around this was just to use: Get-AzADServicePrincipal | select Id | Remove-AzADServicePrincipal

this removed everything which could be removed. Now the 'Enterprise Applications' check passed okay and the 'Delete' button appeared. Just another warning, when I tried straight away I got error 'Unable to delete tenant' with no detail - but after about 2-4 minutes, I tried again and it deleted.
Please sign in to rate this answer.

2 people found this answer helpful.
Gianni Rubio 1 Reputation point

2021-02-07T05:49:20.93+00:00

Thanks so much for this! I was able to remove the remaining enterprise apps that showed in the portal using remove-azadserviceprincipal and the objectIDs but the Delete button still wasn't showing for tenant. I then used Get-AzADServicePrincipal | select Id | Remove-AzADServicePrincipal as you instructed and it removed all of the remaining apps. Once that completed the delete button showed and I was able to delete my tenant.

James Sciortino 1 Reputation point

2021-04-21T21:56:23.607+00:00

Thanks so much for this. Worked like a charm using Notepad ++

Obtained all ObjectIds by running Get-AzADServicePrincipal

Copied the output to Notepad ++

Appended the command Remove-AzADServicePrincipal in front of each object ID
For example, Remove-AzureADServicePrincipal -ObjectId f3bf74c2-bccc-44e6-bec8-428ceb5aa024

Copied / Pasted each command into PowerShell in groups of 10 or less to be sure every command was processed as expected

Originally, I tried copying all 95 lines into PowerShell and it just didn't run through them all. I could tell because, it didn't return 95 response codes.

Arthur Augsten 1 Reputation point

2021-10-17T22:47:21.647+00:00

I had the same issue and your solution solved my problem! Thanks.
Sign in to comment
Iain Aitken 11 Reputation points

2021-02-26T14:18:52.427+00:00
Tip for anyone doing this - I had 105 items listed as Principals.

If you have this:

Run the command Get-AzureADServicePrincipal as above

Copy the entire list from powershell by highlighting and ctrl+c

Paste into an excel sheet (Column A in excel)

In the next row (Column B) enter the formula: =LEFT(A1,FIND(" ",A1)-1) This deletes everything in the row after the first space, leaving just the object Ids.

Drag formula down to cover all rows

in the next row (Column C) enter the formula: =PROPER("Remove-AzureADServicePrincipal -objectid "&B1) This adds in the comand to delete them to the same line.

Drag formula down to cover all rows.

copy all of Column C and past into word as plain text so that it is not in a table.

Copy the entire word doc useing ctrl+A then ctrl_C

Right click in Powershell to paste. It will then work through deleting them all and show an error on the ones that cannot be deleted.

Go back to your delete tenant page and delete.
Please sign in to rate this answer.

2 people found this answer helpful.
Knut E. Gjerdsbakk 1 Reputation point

2021-12-15T17:49:15.623+00:00

This saved my day! Thank you!!!
Sign in to comment
soumi-MSFT 11,716 Reputation points Microsoft Employee

2020-03-09T05:17:13.433+00:00
MarlisSeptian-3433, Make sure you dont have any Enterprise apps or Users in your tenant [Except the Global Admin of that tenant]. If there are any other user left in the directory apart from the Global Admin, this Status would come up and you will have to delete your user in AAD first, before deleting the Directory, or you will get a message saying you cannot delete the directory, because you have one or more users.

Try refreshing the page or navigate to the AAD home page and the get back to the delete Directory page and this time the check for directory deletion should pass and you would be able to see the "Delete" button at the end of screen.

Also, if you would want to delete the Applications under Enterprise Apps section using Powershell, you can try to follow the steps below:

Go to https://www.powershellgallery.com/packages/AzureAD/ to get the latest powershell Azure AD module

Start Powershell and run:
Install-Module -Name AzureAD

Once done run:
Connect-AzureAD

You will be prompted to login, login with the user you created and will be asked to change your password:

You should now be able to list all the current application SPs in a directory:
Get-AzureADServicePrincipal

Now, delete all non-required apps in the tenant directory, for me it was the Microsoft Visual Studio Team Services.
Remove-AzureADServicePrincipal -objectid [enter object id here]

Hope this helps and do let us know if this helps and if there are any more queries around this, please do let us know so that we can help you further. Also, please do not forget to accept the response as "Answer"; if the above response helped in answering your query.
Please sign in to rate this answer.
Marlis Septian 6 Reputation points

2020-03-09T08:28:01.56+00:00

Hi,

As you can see from my second screenshoot. I dont have any enterprise application, however the status for my enterprise application is still uncheck (look at my first screenshot).

Boyuan Zeng 1 Reputation point

2020-07-04T19:11:58.48+00:00

Wow! Thank you! Your advice solved my problem! I was trying to delete my .onmicrosoft.com(the directory) today too and it always ask me to delete my enterprise applications. Then I found this question and your answer. After login through the powershell and delete all the unneeded apps I finally delete my onmicrosoft.com directory! Cheers! (I'm even not a programmer and only know some basic knowledge of C++!)
Thank you for your easy-to-understand answer! Really helps!

William Myers 1 Reputation point

2022-02-09T00:18:55.893+00:00

Thank you, I expanded on your steps slightly and took a kill it with fire approach.

foreach ($SP in (Get-AzureADServicePrincipal)){Remove-AzureADServicePrincipal -ObjectID $SP.ObjectID}
Sign in to comment
Marlis Septian 6 Reputation points

2020-03-12T01:03:16.893+00:00

Any solution guys?
Please sign in to rate this answer.

0 comments No comments
Sign in to comment