New Azure account already in use?

MehdiF 21 Reputation points
2022-09-02T08:57:39.91+00:00

Hello everyone,

I encountered an issue on Azure. I just signed up for a free trial of Azure; registration and verification went fine, but it seems that my account has already been used?
When I try to access the Azure portal, I get a message saying:

Conditional Access policy failure
Your Azure AD tenant administrator has enabled Conditional Access policies. You must log in again to access your resources

Details:
{
"sessionId": "eb32057ad0804849bf481f72e89ca78a",
"missingClaims": "{\"claims\":\"{\\"access_token\\":{\\"capolids\\":{\\"essential\\":true,\\"values\\":[\\"821958f5-801e-4391-9c10-684ea4e50750\\"]}}}\"}",
"resourceName": "graph",
"errorMessage": "AADSTS53003: Access has been blocked by Conditional Access policies. The access policy does not allow token issuance.\r\nTrace ID: 0b478fd9-3cc4-4a1f-9f03-a6bccb430e00\r\nCorrelation ID: a3238761-bcbc-4529-ab6a-33fcc223a969\r\nTimestamp: 2022-09-02 08:52:39Z"
}

When I try to re-authenticate I end up on the Vinci-energies Azure login portal (a big French company).

I never worked for Vinci; my Microsoft account email is my Gmail address and I have had it for more than 10 years.

Can anyone help me please?
Thanks a lot

Microsoft Security | Microsoft Entra | Microsoft Entra ID
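
The error details quoted in the question are what an administrator of the tenant that enforced the policy would need to find this sign-in. The following is an added example, not part of the original thread and not Microsoft's code: it extracts the AADSTS code, the trace and correlation IDs, and the `capolids` policy IDs from such a blob. The sample is constructed from the values in the question, and `triage` is a hypothetical helper name.

```python
import json
import re

# Constructed sample: the field values quoted in the question, with the
# nested JSON string-encoding of "missingClaims" written out in full.
SAMPLE_DETAILS = json.dumps({
    "sessionId": "eb32057ad0804849bf481f72e89ca78a",
    "missingClaims": json.dumps({"claims": json.dumps({"access_token": {
        "capolids": {"essential": True,
                     "values": ["821958f5-801e-4391-9c10-684ea4e50750"]}}})}),
    "resourceName": "graph",
    "errorMessage": (
        "AADSTS53003: Access has been blocked by Conditional Access policies. "
        "The access policy does not allow token issuance.\r\n"
        "Trace ID: 0b478fd9-3cc4-4a1f-9f03-a6bccb430e00\r\n"
        "Correlation ID: a3238761-bcbc-4529-ab6a-33fcc223a969\r\n"
        "Timestamp: 2022-09-02 08:52:39Z"),
})

def _unwrap(value):
    """Decode a value that was JSON-encoded as a string one or more times."""
    while isinstance(value, str):
        try:
            value = json.loads(value)
        except ValueError:
            break  # plain text, not encoded JSON
    return value

def triage(details_text):
    """Hypothetical helper: reduce the portal's error details to lookup keys."""
    details = json.loads(details_text)
    message = details.get("errorMessage", "")
    def field(label):
        m = re.search(rf"{label}:\s*([^\r\n]+)", message)
        return m.group(1).strip() if m else None
    code = re.match(r"AADSTS\d+", message)
    claims = _unwrap(details.get("missingClaims", ""))
    if isinstance(claims, dict):
        claims = _unwrap(claims.get("claims", claims))
    policy_ids = []
    if isinstance(claims, dict):
        capolids = claims.get("access_token", {}).get("capolids", {})
        policy_ids = list(capolids.get("values", []))
    return {"code": code.group(0) if code else None,
            "resource": details.get("resourceName"),
            "trace_id": field("Trace ID"),
            "correlation_id": field("Correlation ID"),
            "timestamp": field("Timestamp"),
            "policy_ids": policy_ids}
```

Only someone with access to the enforcing tenant's sign-in logs can resolve these IDs to a policy name; the blocked user sees just the identifiers.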

Accepted answer
  1. Yannic Graber 596 Reputation points MVP
    2022-09-02T13:46:24.007+00:00

    @MehdiF you're welcome.
    Pity it didn't resolve the issue though.

    The dot in your e-mail doesn't matter, it would just be skipped. So if the tenant got created, your tenant would be "xxxmehdigmail.onmicrosoft.com". Since you got the error that this tenant does not exist, that's most likely a fact: the tenant does not exist. It might have happened that your subscription got attached to your account in the tenant where your account already exists (= Vinci-energies). Therefore you do have an Azure subscription, but won't be able to sign in due to the policies.

    I recommend that you start over, since it's only an Azure free account. When you start creating your Azure free account, you can just click on "Create one!" and create a completely new account. As soon as you've got your own tenant and have been able to log in, you can then invite your xxxxx.mehdi@Stuff .com account to access the tenant and subscription too...

    What do you think, does that sound like a plan?
    Hope this will do the trick.
    If so, please accept this as the answer as a token of appreciation.

    Wish you a lovely weekend! :-)


3 additional answers

  1. Yannic Graber 596 Reputation points MVP
    2022-09-02T12:03:29.22+00:00

    Hello there

    It seems you might get connected to the wrong tenant >> Vinci-energies and they do have conditional access applied (good for them) :-) That's why you're getting this error.
    When you signed up for Azure free, you were using an e-mail (example: mehdif@Stuff .com). From that address, your tenant will be created automatically in the manner of "mehdifgmail.onmicrosoft.com" and mehdif@Stuff .com will be invited as an external account to that tenant ("mehdif_gmail.com#EXT#@mehdifgmail.onmicrosoft.com").
    So far so good.

    When you now log in to portal.azure.com, it might be that your mail mehdif@Stuff .com already exists in another tenant, which would therefore be your default tenant to connect with. This default tenant (Vinci-energies) is not accepting your login due to conditional access policies.

    If this situation is the case, then the solution is pretty easy.

    1. Make sure to close all your browser sessions.
    2. Open an in-private browser session.
    3. Go to https://portal.azure.com/<tenant-name> (example: https://portal.azure.com/mehdifgmail.onmicrosoft.com).
    4. Sign in with the credentials you created during the Azure free setup (mehdif@Stuff .com).
    5. Once you're in, make sure to change your default Azure Tenant / Directory.

    Hope this will do the trick.
    If so, please accept this as the answer as a token of appreciation.

    Wish you a lovely day! :-)


  2. MehdiF 21 Reputation points
    2022-09-02T13:29:15.713+00:00

    Hi grabery, thank you very much for the information; it makes sense and I believe it's what's happening.

    Unfortunately it doesn't work...
    I have tried what you suggested and every time I get "AADSTS90002: Tenant xxxxxx.onmicrosoft.com not found. Check to make sure you have the correct tenant ID and are signing into the correct cloud.".

    There is a dot in my email address (the email is like xxxxx.mehdi@Stuff .com) and I've tried all possible combinations, i.e.:

    https://portal.azure.com/xxx.mehdigmail.onmicrosoft.com
    https://portal.azure.com/xxxmehdigmail.onmicrosoft.com

    even reversed:

    https://portal.azure.com/mehdixxxgmail.onmicrosoft.com
    https://portal.azure.com/mehdi.xxxgmail.onmicrosoft.com

    I can PM you with the real mail address if it can help..


  3. MehdiF 21 Reputation points
    2022-09-02T14:11:34.947+00:00

    I will set up another account and forget about the first one. Thanks a lot for your time and explanations!

    Have a nice day :)

