How can we improve Azure Active Directory?

Merge office365 and live accounts that use the same email address

I use both Azure/msdn and office 365
I already had an msdn account mvdl@our-company.com ( Windows Live account) and our company recently migrated to Office 365 which resulted in a mvdl@our-company.com Office365 account.

Wich is causing a lot of grieve when switching between asure web portal / msdn web portal / office 365 web portal

Even when I have no portals open, I cant switch accounts. I need to explicity open the portal that I last logged in to. Log out, and then I can switch accounts.

And having both office 365 portal and Azure portal open at the same time is impossible.

478 votes
Vote
Sign in
Check!
(thinking…)
Reset
or sign in with
  • facebook
  • google
    Password icon
    I agree to the terms of service
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    MarcoMarco shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

    38 comments

    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      I agree to the terms of service
      Signed in as (Sign out)
      Submitting...
      • Boian SoloviovBoian Soloviov commented  ·   ·  Flag as inappropriate

        Thanks Marco!
        @Ariel, I hope you are still scanning this thread. There is a REAL need for improvement: as you yourself mention important services like MSDN and VL *require* that you sign up (and create a new live ID) with your company email address! A catch 22 is thus preprogrammed for all companies that use Azure AD. You could have long ago implemented AD Federation, SAML2 or OAUTH2 between live ID- and Azure ID-services.
        And by the way, this here uservoice forum could have accepted SSO with Azure ID as well - it is ridiculous that I have to sign in with a Google account!

      • Gary VargaGary Varga commented  ·   ·  Flag as inappropriate

        I have a similar issue with Google. Identity confusion because to add a gmail account to an existing Google account with a different email address (as directed by Google). Accounts and identities is a difficult issue because is HAS to be right.

      • Jamie ThomsonJamie Thomson commented  ·   ·  Flag as inappropriate

        I'm half-amused to see people here opine that this problem has existed for "almost a year" because to my mind its been a problem for much much longer than that. Lots of discussion here about Azure and the Azure Management Portal and various other services/web properties at Microsoft but I think the original poster captured it better than anyone. Two separate accounts (with two separate passwords) for the same email address is (at best) very very confusing, especially for non-techies. I totally understand the historical reasons for why this situation has arisen but surely the time has passed for it to be sorted out?

        I'd like to ask if there's a reason why Microsoft can't do what the original poster suggested i.e. merge Organisational accounts & Microsoft Accounts (MSA) that have the same email address. Other than "it'd be a heck of a lot of work" is there a technical reason that simply prohibits this from being done? I'd definitely like to know the answer to that because (IMHO) merging such accounts would solve most if not all of the frustrations I currently have regarding this whole mess.

      • JonJon commented  ·   ·  Flag as inappropriate

        I concur Willindigo. Unbelievable that this hasnt been solved and that it is barely acknowledged to be an issue. Have spent hours with MS Partner support and with them barely understanding the issue and just repeatedly asking me to keep trying.

      • Willindigo ☠Willindigo ☠ commented  ·   ·  Flag as inappropriate

        How in the world is this still an issue after a whole **** year? And what kind of idiot at Microsoft thought it wise to allow two different types of access IDs for the SAME SERVICES that allowed for the exact same user credentials? I am seriously baffled.

        They had it nailed with "Microsoft ID" used for Bizspark, Azure, Outlook.com etc.. then created Office365 with a completely separate directory that works with Bizspark but not Outlook.com or Azure? Jesus christ I am livid. This is so indicative of why people despise working with Microsoft Technologies. You attest that you are trying to abstract away the complexities of managing an IT infrastructure with SaaS like Azure and Office365, yet you pull this **** which results in more time and resources being devoted to hunt down obscure internet posts while EVERY EMAIL your "Microsoft Support" sends me says "Resolved."

        Oh well, I guess I will just have my guys leave our VMs running up in Azure ticking away my credits while I wait another 8 hours for someone from India to pretend to help me.

      • IanIan commented  ·   ·  Flag as inappropriate

        Ariel, what about the limitation on Windows 8 logins? Currently only "Microsoft Accounts" are supported. It would be great if this was also addressed, so that users could login to their work PCs using their 365/Azure AD account.

      • TedTed commented  ·   ·  Flag as inappropriate

        I'm with Matthew Cole in that trying to build apps with Azure AD and link to organization accounts is such a pain and would like to see IUR linked to organizational or the other way around.

        Another issue with this is trying to use the Azure SDK within Visual Studio. Every time I open VS, I have to logout of Azure in the server explorer and login again so that I can select my Live account. Otherwise, it ends up in a never ending loop of opening and closing the login window, as if it can't determine which account to open.

      • JoeJoe commented  ·   ·  Flag as inappropriate

        OK this doesn't seem as important as some of these but I have a 365 account with the same exact username (email) and password as a completely separate Live account. How is this possible? these must be two separate systems?

      • David RuizDavid Ruiz commented  ·   ·  Flag as inappropriate

        This has been a longstanding challenge for us as well. Signed up for BizSpark and Azure using my Microsoft Account, but running our business using a Office 365 Organization account of the same name (email address). Making matters worse, we're building business apps that leverage Azure AD SSO but can't even test it without stumbling over the account naming conflict that emanates from defining O365 users within manage.windowsazure.com and ultimately conflicts with the registered user apps that appear within myapps.microsoft.com.

      • J Aaron andersonJ Aaron anderson commented  ·   ·  Flag as inappropriate

        yes this is terrible, dumbfounded this was not thought out before release. Please keep me posted as well on how to thread together O365 4 Business OrgAccounts with pre-established (more personally driven) MSDN WIN:LIVE Accounts both with the same primary email address... shouldnt that distinguishing match SSO/Trust both uniques account GUIDs in multiple systems upon re-authentication ? anyhow please keep us all administrator up on this as this is an almost certain show stopper in many cases

      • Ariel Gordon (MSFT)Ariel Gordon (MSFT) commented  ·   ·  Flag as inappropriate

        Thanks for the question and feedback.

        Our team owns the Microsoft account and Azure AD sign-in/sign-up experiences. We know that some experiences are confusing for some of you and we’re working hard to simplify them.

        More specifically:

        1) We know a number of users have multiple accounts with Microsoft, some they created themselves and others they got from their work or school. Today, using multiple accounts in Office 365, Azure.com or VisualStudio.com requires you sign out of one account and sign in to another. To address this we’re building the ability to be signed in with more than one account at the same time, in the same browser. This should start showing up on Microsoft web properties later this year.

        2) There’s a small number of Microsoft business services that only support “Live ID” accounts, and not organizational accounts that are used for other business services like Office 365. Examples include MSDN and Volume Licensing. We’re working with these teams to add support for organizational accounts. This will allow everyone who already has an account they use with Office 365 to use the same account to sign in to these services.

        3) Some users have two Microsoft-powered accounts with the same sign in string: one they got from their organization (when the organization uses Azure AD account) and one they created themselves (for example to access MSDN or VL). For these users, the sign-in experience to Office and Azure can be confusing. If you’re in this situation, the simplest solution is to rename the account you created yourself. You can use another consumer email address or get a new @outlook.com address. And later his year, you’ll also be able to use your phone number as a sign in string. Longer term, we’re considering different options to remove this overlap.

        Keep the great feedback coming and please let us know if you finds other sources of account confusion. We’ll continue to monitor this thread as we refine our plans.

        Ariel

      • Mdg RkbMdg Rkb commented  ·   ·  Flag as inappropriate

        This is a mess, and the fact that it hasn't been properly addressed in over a YEAR is VERY disappointing.

      • DanielDaniel commented  ·   ·  Flag as inappropriate

        Just another thought: If you want to be a "cloud first, mobile first" company you should really figure out processes like this. And I still wonder what will happen to my paid for Windows Phone Apps when I connect it to the migrated Exchange Online mail account, because it keep telling me this will change my identity (it is connected to a Live Account as of now).

      • DanielDaniel commented  ·   ·  Flag as inappropriate

        This will probably affect every company that moves production services to O365 and/or Azure. We are a Gold Partner, too, and want to make use of our IURs, but this is a pretty big issue because we have mostly developers that will use MSDN, Azure and O365.

      • Mark BurlandMark Burland commented  ·   ·  Flag as inappropriate

        Our school was using Live@EDU. When MS disbanded that and folded schools into Office365 for Education they automatically created new Live accounts from the old Live@EDU accounts. What this meant for, for example, is I now have an Office365 account under the username mark.burland@st-marks.essex.sch.uk and a Live account under the username mark.burland@st-marks.essex.sch.uk but these are two entirely separate entities. Guess which account I have to use for our eAgreement and VLSC? You guessed it, not my organisational (Office365) account, but the ethereal Live account. Bonkers. Absolutely bonkers. When I queried this with Microsoft they had no clue what I was on about. Drives me insane.

      • Anonymous commented  ·   ·  Flag as inappropriate

        Still no solution to this? We have a scattering of Live ID's and we are looking to fully migrate to O365, but we are sticking with the "onmicrosoft.com" domain for all office services until this gets resolved. Thanks!

      • Anonymous commented  ·   ·  Flag as inappropriate

        same problem here, my company partner account is setup with a microsoft live account but my office 365 and azure are linked to a 2nd account of the same name.

        If i now try and activate azure as a partner platform i get a 2nd azure instance created linked to my MS live account, but cannot communicate with the 365 domain.

      • Mike SanlonMike Sanlon commented  ·   ·  Flag as inappropriate

        This is a major pain point for us. What's most galling that it effects your best customers. The more Microsoft services you sign up for (with your corporate email as your user id) - the worse it gets.

      • AllanAllan commented  ·   ·  Flag as inappropriate

        I too am having this issue, is there any resolution yet? There is no link to where this got moved too as mentioned by the ADMIN post.

      • IKIK commented  ·   ·  Flag as inappropriate

        I am trying to setup Azure AD and office365 to sync password with windows live account, so remote users whose PC are not on domain can login with single-sign-on.

        Is there any way to do this?

      ← Previous 1

      Feedback and Knowledge Base