Share via

COMPLETELY broken Azure account - converted only user to internal, can no longer access subscription, trying to create a new trial says I already have one, but then it is IMPOSSIBLE TO ACCESS

Thanasi Poulos 0 Reputation points
2025-06-02T22:26:00+00:00

This is PATHETIC. I created a free sub account yesterday, to test out some features for a new app I am working on.

I spent ALL AFTERNOON trying to add a coworker as an admin user, then at some point noticed I (the account/sub owner) was an "external" user; not understanding what this is, and feeling like it was incorrect, I clicked "convert to internal" upon which it apparently "failed." Alright, no worries right? It didn't do anything... WRONG.

Now I CANNOT DO ANYTHING, ANYWHERE I navigate to just CONSTANTLY throws TOTALLY USELESS, UNHELPFUL ERRORS. I can't raise a support ticket because this broken thing keeps trying to direct me back to the account I CAN'T PROPERLY ACCESS

This is a MESS. PLEASE CAN SOMEBODY JUST DESTROY MY ACCOUNT AND LET ME START AGAIN.

{"sessionId":"c09f70e98ff34c96b54619bda06c7fee","subscriptionId":"","resourceGroup":"","errorCode":"401","resourceName":"","details":"No access"}

User's image

User's image

THIS IS WHAT I GET TRYING TO RAISE A SUPPORT TICKET LIKE ARE Y'ALL SERIOUS?!

Microsoft Security | Microsoft Entra | Microsoft Entra External ID

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Surya Prakash Kotte 3,200 Reputation points Microsoft External Staff Moderator
    2025-06-04T19:24:23.73+00:00

    Hello @Thanasi Poulos

    Thank you for reaching out Microsoft Q&A.

    I understand you are getting AADSTS16000 error this is a very common error that occurs when you try to sign in to the Microsoft Entra admin center with a personal Microsoft account that does not have a directory associated with it.

    Reason:

    Whenever you sign in Azure portal using Microsoft Personal Account you by default get connected to the Microsoft Services tenant

    As this is a standard tenant without any directory associated, you cannot perform actions such as creating new users, groups, enterprise applications, and so on. To perform administrative actions, you must have administrative access to the tenant.

    Solution:

    For this purpose, you need to create your own tenant rather than using the Microsoft Services tenant. To create a new tenant, open in-private/incognito browser window (just to avoid SSO), access https://azure.microsoft.com/en-us/free/ to create a free Azure account.

    When you create a new tenant, you by default become the Global Administrator of the new tenant and have full access to all the options in that tenant.

    If you still want to access Entra portal using your personal Microsoft account only, you can invite that user as a guest user as mentioned here: https://learn.microsoft.com/en-us/azure/active-directory/external-identities/add-users-administrator#add-guest-users-to-the-directory and assign the Global Administrator role.

    Once you are added to an azure tenant and you accept the invite sent to you via email, you can use https://portal.azure.com/#create/Microsoft.AzureActiveDirectory URL to create your own tenant as well.

    Hope this helps. Do let us know if you any further queries.

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.