![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(112.00000000000001, 42%, 20%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Microsoft Security | Microsoft Entra | Microsoft Entra ID
A cloud-based identity and access management service for securing user authentication and resource access
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(54.400000000000006, 10%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESS%3C/text%3E%3C/svg%3E)
Because sign-in is blocked and there is only one administrator on the tenant, tenant recovery must be handled by Microsoft’s Data Protection team after identity verification. This cannot be fixed directly through the portal.
Use these steps to initiate recovery:
- Confirm no other admins exist
- If there is any chance another global admin account exists in the tenant, that admin can sign in and fix access (for example, by resetting the password or roles). If no such account exists, proceed to the next step.
- Contact Microsoft 365 / Azure Data Protection by phone
- Use the regional phone number listed under Customer service phone numbers - Microsoft Support or Get support - Microsoft 365 admin from the context.
- When the IVR/agent asks about the issue, clearly state:
- The problem is loss of access to the only Microsoft 365 global admin for the tenant using the domain
progic.jp. - A tenant recovery / Data Protection case is needed.
- The problem is loss of access to the only Microsoft 365 global admin for the tenant using the domain
- Typical IVR flow from the context:
- Select business email / technical support options when prompted.
- When asked what the problem is, say: Authenticator or lost account (depending on the prompt).
- Product: Office 365 for business.
- Account type: Company (not education/personal).
- Are you an administrator? Yes.
- Are there any other administrators? No.
- Confirm that a service request is needed and ask to be routed to the Microsoft 365 Data Protection team or Azure Data Protection team for tenant admin recovery.
- Prepare for identity and tenant ownership verification
The Data Protection team will only proceed after verifying identity and ownership. Be ready to provide, as requested:
- Administrator sign-in UPN (for example, admin@
progic.jpor admin@<tenant>.onmicrosoft.com). - Tenant/domain details (including
progic.jp). - Official business documentation and domain ownership evidence, as described in the tenant recovery guidance:
- Business registration documents.
- Proof of control of the custom domain (DNS or WHOIS information).
- Publicly listed organization information matching the tenant.
- Administrator sign-in UPN (for example, admin@
- If phone support is hard to reach, use a temporary trial tenant to open a ticket
- Create a new Microsoft 365 trial tenant (separate from
progic.jp) using any of the trial links in the context (for example, “Compare All Microsoft 365 Plans | Microsoft” / “Microsoft 365 Business Plans and Pricing | Microsoft 365”). - Sign in to the new tenant’s Microsoft 365 Admin Center (
https://admin.microsoft.com/). - Go to Support → Help & support.
- Open a support ticket and clearly state:
- This new tenant is only for contacting support.
- The real tenant that needs recovery uses the domain
progic.jp. - The account on that tenant is the only global admin and is currently blocked with “You don’t have permission”.
- A Data Protection / Tenant Recovery case is required to restore admin access.
- After the issue with the original tenant is resolved, cancel the trial subscription in Billing → Your products to avoid charges.
- Create a new Microsoft 365 trial tenant (separate from
- Follow Data Protection team instructions
- The Data Protection team will guide through any additional verification steps and, once validated, can reset admin access or help assign a new global admin so the tenant can be managed again.
References:
- Tenant access recovery
- Forgot password to sign in to Microsoft 365, Intune, or Azure
- "We don't recognize this user ID or password" error when a user tries to sign in to the Microsoft 365 portal
- Troubleshoot sign-in issues and account access problems
- I have a Micrsoft business account and I am the admin and the only user registered under this account. I can't log in because i have replaced my phone and the authenticator doesn't work. - Microsoft Q&A
- I cant log in to my business account because it is requiring Authenticator app which I do not have - Microsoft Q&A
- Requesting a Tenant Admin MFA Reset - Microsoft Q&A
- Global Admin Locked out - Microsoft Q&A
- Microsoft authenticator sending me into a spiral - Microsoft Q&A