Few months ago I attended to the Microsoft Azure Virtual Training Days. It is a great opportunity to get a new knowledge, especially because there are provided the labs in a sandbox environment. However, due to that I went into a problems with accessing my Microsoft account later on.
My private MS account is using an external domain (so it is not @outlook.com). The training’s sandbox has created a separate account („work or school”) with the same email address, so – as you can expect – during the login I have to select which account I would like to use. It is not a huge problem if you use the Modern Authentication – but I run into a problems when I wanted to use i.e. classic Exchange ActiveSync synchronisation of my phone’s contact. As I have got two accounts using the same mail, the device was not sure which one it could use and it fails to synchronise. The problem happens even in a modern devices with modern authentication – adding an mail to a newest iOS gives back the „unable to verify access information” message.
As I run into that problems and the Google was not helpful, I decided to provide here a basic information how to make the cleanup. It is just a general overview of the steps which you need to do in such situation:
- Try to logon to your mail using the „work or school account”; for sure you do not know your password, so use the „reset my password” opportunity. Do not worry – it will use the „work or school account” and your private one will not be touched.
- Review if the tutorial applies to you: open the myaccount.microsoft.com, login with your freshly reseted credentials and check your Organisations. Do you see and organisation with statement „you cannot leave your home organisation”? – if yes, then proceed.
- Open the Azure Active Directory portal (via portal.azure.com) and login to the „work or school account”). When you check your tenant name, it might look strange.
One remark here: if you have a problem that your domain is not verified with the Azure AD, please make a takeover using the PowerBI Admin Panel and the DNS TXT record.
- Create a new user for your tenant. Give that user a „global administrator” permission.
- Login again to your Azure Active Directory portal, this time with the credentials of new user.
- Remove the initial (main, private) user – that one which uses your email.
That is everything you could do. Now you have to wait up to one week to get rid of the account selection prompt (however in my case it was like 48 hours). Since then I have no more problems.
Two additional small notes that I found out later:
- You can still use the old-fashioned Exchange ActiveSync protocol, you just need to generate an application password. If you are asked for the endpoint, you can provide the address: https://outlook.office365.com/EWS/Exchange.asmx
- My phone had been not synchronised for a long time and I have realised some of the contacts are not in the cloud after I solve the account problem (however, if I edit the current ones in the outlook.com, the changes are synchronised properly among the devices). I do not know what might cause the issue, but I suppose it is due to Cached Exchange Mode (in simple words, too many contacts).