Single user of Azure directory is locked out

Flemming Hedegaard Wagner 20 Reputation points
2025-01-19T17:14:03.33+00:00

Problem:

I have an azure account for setting up a new environment to replace local servers. I have (actually had) only 1 user which has been redirected to another directory, why I now cannot access my Azure account.

Situation:

I have 2 user accounts ******@mydomain.com and ******@mydomain.com

4Office@ is used only for my Office/365 and 4Azure@ only for Azure database and server purposes. There are a database and a virtual server defined.

Azure-account where created long before my Office why the Domain/Directory name were defined as: "4azuremydomain.onmicrosoft.com". My other account (4office) have only mydomain: "mydomain.onmicrosoft.com".

What happened:

I had to reset my password for my 4Azure-account. After that, the Current Directory was changed from "4azuredomain.onmicrosoft.com" to "mydomain.onmicrosoft.com" resulting that I cannot get access to my Azure-environment.

Both users have access to mydomain (Office) and if I use the URL to set the Directory (https://portal.azure.com/4azuremydomain.onmicrosoft.com) then I can see Directory name and ID listed and marked as "Current". BUT the account (upper right corner) is marked with "RESTRICTED TENANT" - so no access. (and I was shown the "Limited of No Access" warning)

Question:

How can I get control back of my Azure account ?

(both users are Global Administrators of Azure and Office)

I have tried settings (https://portal.azure.com/#settings) Select Startup Directory - but since there are only access to mydomain.onmicrosoft.com the selection-part is not visible.

The Azure account is still active - I can access the database using SSMS.

Regards
Flemming

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
23,161 questions
{count} votes

Accepted answer
  1. Harshitha Eligeti 1,455 Reputation points Microsoft Vendor
    2025-01-27T10:28:25.65+00:00

    Hello @Flemming Hedegaard Wagner
    I'm glad that you were able to resolve your issue and thank you for posting your solution so that others experiencing the same thing can easily reference this! Since the Microsoft Q&A community has a policy that "The question author cannot accept their own answer. They can only accept answers by others ", I'll repost your solution in case you'd like to "Accept " the answer.

    Issue: Single user of Azure directory is locked out

    Solution: Resolved by @Flemming Hedegaard Wagner

    After successfully gaining access to your database and other resources on Azure via SSMS, you selected the "Management Portal" option. This opened the portal.azure.com site using your Office account (the last used one), granting you access to all your resources. Now, by directly accessing your Azure account through the URL (https://portal.azure.com/4azuremydomain.onmicrosoft.com), you are taken straight to your account and can access all your resources.

    If you have any other questions or are still running into more issues, please let me know. Thank you again for your time and patience throughout this issue.

    Please remember to "Accept Answer" if any answer/reply helped, so that others in the community facing similar issues can easily find the solution.

    Best Regards,
    Harshitha Eligeti.

    0 comments No comments

3 additional answers

Sort by: Most helpful
  1. Amira Bedhiafi 28,381 Reputation points
    2025-01-19T18:26:57.1166667+00:00

    Use the direct URL to access the directory: https://portal.azure.com/4azuremydomain.onmicrosoft.com.

    and confirm that ******@mydomain.com is listed as a Global Administrator in the directory 4azuremydomain.onmicrosoft.com.

    If your password reset caused issues:

    • Go to the Microsoft Account Recovery Portal or Azure Account Password Reset.
    • Reset the password for ******@mydomain.com.
    • Attempt to sign in again

    If the Azure Portal isn't allowing you to switch directories, use the Azure CLI:

    az login
    az account tenant set --tenant-id "<tenant-id-of-4azuremydomain.onmicrosoft.com>"
    az account show
    
    
    
    0 comments No comments

  2. Flemming Hedegaard Wagner 20 Reputation points
    2025-01-23T14:57:00.2233333+00:00

    Hi Amira

    Thank you for your assistance.

    Based on your suggestions I have been a little wiser:

    Both users are global Administrators on my Office account - no user is a member of the Azure account. (Sorry about the confusion).

    "Azure Active Directory" is not listed in my menu.

    When I try to access my Azure directory directly using the URL method (https://portal.azure.com/4azuremydomain.onmicrosoft.com) and try to sign in with either of my users, I first get the message "Limited or No Access" - after pressing the button "I acknowledge" I get the "No subscriptions" message in the upper right corner.

    I hope this information can give you a better understanding of my problem ?

    Regards
    Flemming

    20250123_Limited Or No Access20250123_LogIn_message


  3. Flemming Hedegaard Wagner 20 Reputation points
    2025-01-26T11:03:31.32+00:00

    Even further discovery:

    Using SSMS I have just accomplished to get access to my database and my other resources on Azure.

    On My Database in SSMS (SQL Server Management Studio) I used right-click and selected "Open in management portal ..." option.

    Then portal.azure.com opened on my Office account (last used). This time I could switch account to my Azure-profile and now I have access to all my resources.

    If I try to call my azure directly using the URL (https://portal.azure.com/4azuremydomain.onmicrosoft.com) then I now go directly to my account and have access to all my resources.

    All in all this experience was not funny and I am glad this was not a production environment. Anyway I hope my experience can be helpful for others and also for Microsoft during development.

    Regards
    FLEMMING

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.