Share via

Outlook desktop app fails to sign in after using Microsoft Learn and activating Azure sandbox when using custom domain

9InchPianist 31 Reputation points
2021-12-14T07:36:23.56+00:00

I have an M365 Family subscription and use my own domain name with it, which I have had since the Hotmail / Outlook premium days.

I recently used an Azure sandbox via Microsoft learn, and since then I can no longer sign in to Outlook on my Mac OR on a PC (even a freshly built one). Here are screen shots of the errors from the Mac and PC:

157431-pc-error.png

157318-mac-error.png

It appears as though I now also seem to have a 'Work or School Account' associated with my email address whereas before I only had a personal account:

157339-work-school-account.png

I have exactly the same history and symptoms as reported here:

https://learn.microsoft.com/en-us/answers/questions/264307/issues-with-sandbox-tenant-and-my-personal-outlook.html

By signing in to https://portal.azure.com using the 'Work or School' account, I've confirmed that I have the same root cause as the above:

157319-aad-portal.png

Outlook Management
Outlook Management
Outlook: A family of Microsoft email and calendar products.Management: The act or process of organizing, handling, directing or controlling something.
4,945 questions
Microsoft Exchange Online Management
Microsoft Exchange Online Management
Microsoft Exchange Online: A Microsoft email and calendaring hosted service.Management: The act or process of organizing, handling, directing or controlling something.
4,245 questions
Microsoft Entra
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,846 questions
Accepted answer
  1. Siva-kumar-selvaraj 15,561 Reputation points
    2021-12-14T11:58:27.777+00:00

    Hello @9InchPianist ,

    Thanks for detailed information.

    You need to create an Azure Technical Support Request by navigating to your Azure Active Directory -> New Support Request as this would help us validate ownership of domain that you own.

    157438-image.png

    You could also try deleting the custom domain name from your tenant yourself via Azure AD portal --> Custom domain names --> Select your custom name --> Delete.

    https://portal.azure.com/#blade/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/Domains

    157482-image.png

    Recommended steps
    Ensure that you have removed all users, groups and applications utilizing the domain name you are trying to remove. There cannot be any dependencies on the domain name; for example, such as the User Principal Name (UPN) cannot contain the custom domain name. If your account is admin@Company portal .com it will fail you are trying to delete “contoso.com”, so try creating new admin account like admin@Company portal .onmicrosoft.com and use that account to perform remove custom domain name.

    To learn more about, How to Delete a custom domain name.

    In case if you don't have access to tenant then I believe this is because when a self-service user signs up for a cloud service that uses Azure AD, they are added to an unmanaged Azure AD directory based on their email domain. For more about self-service or "viral" sign-up for a service, see What is self-service sign-up for Azure Active Directory?.

    You would try performing take over an unmanaged directory to become an admin as described here. If non of these helps then you can create MS support to help on this case as explained previously.

    Hope this was helpful.

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

2 additional answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. 9InchPianist 31 Reputation points
    2021-12-15T20:02:26.233+00:00

    This has now been resolved by doing the followng:

    • I raised a 'Technical' support ticket in the Azure portal (logged in using my personal account) using my MSDN Subscription (if I didn't have this then I would have only been able to raise 'Billing' or 'Subscription' based tickets, so other people might not find it as straight forwards)
    • After going through a few things with an extremely helpful agent I was given the instructions on how to take over a 'Viral Tenant': https://learn.microsoft.com/en-us/azure/active-directory/enterprise-users/domains-admin-takeover (which must be done using the 'Work or School' account), however, when I tried to take over it I received an error stating the domain was not viral and it therefore could not be taken over using a viral method:

    157986-viral-takeover.png

    • This is where things get a bit blurred because I logged on to https://admin.microsoft.com (again using the 'Work or School' account) later this evening and low and behold I was now 'Global Admin' for the Tenant, so whether Microsoft did something behind the scenes, I don't know yet but will amend this post if / when I find out.
    • I was now able to log back in to https://aad.portal.azure.com and remove my custom domain and schedule the Tenant for deletion.
    • After a short wait (may around an hour) my Outlook desktop app was able to then sign in as expected.

    What a marathon but hopefully this post will help others that come across the same problem!

    1 person found this answer helpful.
  2. Robert Sparnaaij [MVP] 1,811 Reputation points MVP
    2021-12-14T11:16:29.817+00:00

    In the page of your last screenshot, you can click on your custom domain name to open a new page where you can delete the domain association.

    However, you must most likely first remove/reconfigure the resources that are referencing this custom domain. The new page where you can also delete the domain give an overview of that as well.