Portal azure, active directory error with gmail account owner

Lova RABARISON 25 Reputation points


I have a gmail account owner using a active directory.It still working until this message are appear.
I have another gmail account with this error.
My question are :

  • Is, is it a general error or for gmail and other microsoft email type?
  • How to solve it without changing to a microsoftf account because a have a onedrive with this email




Azure Active Directory
Azure Active Directory
An Azure enterprise identity service that provides single sign-on and multi-factor authentication.
16,653 questions
{count} votes

Accepted answer
  1. Shweta Mathur 19,946 Reputation points Microsoft Employee

    Hi @Lova RABARISON ,

    Thanks for reaching out.

    As @Givary-MSFT mentioned that you are getting this error as you are connected with Micrsoft Service Account.

    Whenever you sign in Azure portal using Microsoft Personal Account you by default get connected to the Microsoft Services tenant (f8cdef31-a31e-4b4a-93e4-5f571e91255a).

    You can also confirm this by navigating to Azure Active Directory > Overview blade and you can see f8cdef31-a31e-4b4a-93e4-5f571e91255a as Tenant ID.

    In this default tenant, you do not have any directory associated with it which you can check by navigating to settings.

    User's image

    As this is a standard tenant without any directory associated, it won't allow you to perform any administrative action.

    For this purpose, you need to create a new tenant using https://azure.microsoft.com/en-us/free/ to create a free Azure account.

    User's image

    which allows you to create your work or school account by filling in all your details.

    User's image

    Once you are able to create that account, you by default become Global administrator of your tenant which is different from Microsoft Services tenant (f8cdef31-a31e-4b4a-93e4-5f571e91255a).

    There you can add your gmail account as guest user and give admin rights to access any resources using that account.

    As this might confuse you between two accounts, so let me clarify the difference between personal account and work account here.

    A work or school account is created by an organization using a business service that has Azure Active Directory/Microsoft Entra as the authentication and authorization platform. A work account typically uses an organization’s custom domain name or company name ie.(UserName@yourorg.com). These are created by an organization’s administrator to enable a member of the organization access to Microsoft cloud services such as Microsoft Azure, Microsoft Intune or Microsoft 365.

    A Microsoft account (MSA) is an account created by a user for personal use which is used to sign into all consumer-oriented Microsoft products and cloud services such as Outlook (Hotmail), Messenger, OneDrive, MSN or Xbox LIVE. Your Microsoft account is created and stored in the Microsoft consumer identity account system that is run by Microsoft.

    Hope this will help you.

    If you have any other questions, please let us know to assist you further.



4 additional answers

Sort by: Most helpful
  1. Givary-MSFT 20,031 Reputation points Microsoft Employee

    @Lova RABARISON Thank you for reaching out to us, As I understand you are trying to access Azure AD with your personal account and getting the error as mentioned above.

    This could be because you don't have any default directory created in your tenant. Since you are connected to the Microsoft Services tenant as a standard user with restricted access, you cannot perform actions such as creating new users, groups, enterprise applications, and so on. To perform administrative actions, you must have administrative access to the tenant.

    For this purpose, you need to create your own tenant rather than using the Microsoft Services tenant. When you create a new tenant, you by default become the Global Administrator of the new tenant and have full access to all the options in that tenant.
    To create a new tenant, open in-private/incognito browser window (just to avoid SSO), access  https://azure.microsoft.com/en-us/free/ to create a free Azure account.
    Once the new account is created, you should be able to see and switch to the new tenant by clicking on the settings icon as highlighted below:

    User's image

    Alternatively, you can ask the global administrator or any existing Azure AD tenant to invite you as a guest user as mentioned here:  https://docs.microsoft.com/en-us/azure/active-directory/external-identities/add-users-administrator#add-guest-users-to-the-directory. Once you are added to an azure tenant and you accept the invite sent to you via email, you can use  https://portal.azure.com/#create/Microsoft.AzureActiveDirectory URL to create your own tenant as well.

    Let me know if you have any further questions, feel free to post back.

    Please remember to "Accept Answer" if answer helped, so that others in the community facing similar issues can easily find the solution.

  2. Lova RABARISON 25 Reputation points

    I think that you are Ok!

    I have this error when i try to recover code for refresh token
    User's image

    To say the truph, the goal is to get all directory and file in onedrive using php.
    May be i use a bad or old manage to do that.
    If you have an idea or a tutorial for getting directory/file from one drive to server local using php with Active Directory

    Thank you

    0 comments No comments

  3. Lova RABARISON 25 Reputation points

    If you have an idea or a tutorial for getting directory/file from one drive to server local using php with Active Directory..can you give me please ?


  4. Lova RABARISON 25 Reputation points

    Accept Answer

    0 comments No comments