Lost my admin right to my Azure account

Question

Hi,

I had two subscrription running so I have deleted the main one to only keep my student one running. Doing this I think got me to lose my admin right on my account so I cannot even access Azure Active Directory.

The support can't help since all solutions require me to access Azure Active Directory.

Thanks,

Answer 1

Bearing in mind I have tried reactivating my previous subscription but still running into the same issue

Answer 2

@G. Eliot

Thank you for posting your query on Microsoft Q&A, from above description I could conclude that you have lost admin access to your Azure AD tenant and are not able to access it as admin.

Please do correct me if this is not the case by responding in the comments section.

Based upon the issue if your tenant does not have any Admins then it should have become an unmanaged directory. You must try Internal admin takeover to recover the directory access.

Kindly follow below steps and https://www.youtube.com/watch?v=GOSpjHtrRsg for demo.

1. Create a user context in the unmanaged organization through signing up for Power BI. For convenience of example, these steps assume that path.
2. Open the Power BI site and select Start Free. Enter a user account that uses the domain name for the organization; for example, ******@fourthcoffee.xyz. After you enter in the verification code, check your email for the confirmation code.
3. In the confirmation email from Power BI, select Yes, that's me.
4. Sign in to the Microsoft 365 admin center with the Power BI user account. You receive a message that instructs you to Become the Admin of the domain name that was already verified in the unmanaged organization. select Yes, I want to be the admin.

1. Add the TXT record to prove that you own the domain name fourthcoffee.xyz at your domain name registrar. In this example, it is GoDaddy.com.

When the DNS TXT records are verified at your domain name registrar, you can manage the Azure AD organization.

When you complete the preceding steps, you are now the global administrator of the Fourth Coffee organization in Microsoft 365. To integrate the domain name with your other Azure services, you can remove it from Microsoft 365 and add it to a different managed organization in Azure.

Adding the domain name to a managed organization in Azure AD

Open the Microsoft 365 admin center.

Select Users tab, and create a new user account with a name like ******@fourthcoffeexyz.onmicrosoft.com that does not use the custom domain name.

Ensure that the new user account has Global Administrator privileges for the Azure AD organization.

Open Domains tab in the Microsoft 365 admin center, select the domain name and select Remove.

If you have any users or groups in Microsoft 365 that reference the removed domain name, they must be renamed to the .onmicrosoft.com domain. If you force delete the domain name, all users are automatically renamed, in this example to ******@fourthcoffeexyz.onmicrosoft.com.

Sign in to the Azure portal with an account that is the Global Administrator for the Azure AD organization.

1. Select Custom domain names, then add the domain name. You'll have to enter the DNS TXT records to verify ownership of the domain name.

Create a user context in the unmanaged organization through signing up for Power BI. For convenience of example, these steps assume that path.

Open the Power BI site and select Start Free. Enter a user account that uses the domain name for the organization; for example, ******@fourthcoffee.xyz. After you enter in the verification code, check your email for the confirmation code.

In the confirmation email from Power BI, select Yes, that's me.

Sign in to the Microsoft 365 admin center with the Power BI user account. You receive a message that instructs you to Become the Admin of the domain name that was already verified in the unmanaged organization. select Yes, I want to be the admin.

Add the TXT record to prove that you own the domain name fourthcoffee.xyz at your domain name registrar. In this example, it is GoDaddy.com.

When the DNS TXT records are verified at your domain name registrar, you can manage the Azure AD organization.

When you complete the preceding steps, you are now the global administrator of the Fourth Coffee organization in Microsoft 365. To integrate the domain name with your other Azure services, you can remove it from Microsoft 365 and add it to a different managed organization in Azure.

Adding the domain name to a managed organization in Azure AD

Open the Microsoft 365 admin center.

Select Users tab, and create a new user account with a name like ******@fourthcoffeexyz.onmicrosoft.com that does not use the custom domain name.

Ensure that the new user account has Global Administrator privileges for the Azure AD organization.

Open Domains tab in the Microsoft 365 admin center, select the domain name and select Remove.

If you have any users or groups in Microsoft 365 that reference the removed domain name, they must be renamed to the .onmicrosoft.com domain. If you force delete the domain name, all users are automatically renamed, in this example to ******@fourthcoffeexyz.onmicrosoft.com.

Sign in to the Azure portal with an account that is the Global Administrator for the Azure AD organization.

Select Custom domain names, then add the domain name. You'll have to enter the DNS TXT records to verify ownership of the domain name.

Please do let me know if you need any further help.

Thanks,

Akshay Kaushik

Please "Accept the answer" (Yes), and share your feedback if the suggestion answers you’re your query. This will help us and others in the community as well.