How can we improve Azure Active Directory?

Merge office365 and live accounts that use the same email address

I use both Azure/msdn and office 365
I already had an msdn account mvdl@our-company.com ( Windows Live account) and our company recently migrated to Office 365 which resulted in a mvdl@our-company.com Office365 account.

Wich is causing a lot of grieve when switching between asure web portal / msdn web portal / office 365 web portal

Even when I have no portals open, I cant switch accounts. I need to explicity open the portal that I last logged in to. Log out, and then I can switch accounts.

And having both office 365 portal and Azure portal open at the same time is impossible.

741 votes
Vote
Sign in
Check!
(thinking…)
Reset
or sign in with
  • facebook
  • google
    Password icon
    I agree to the terms of service
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    MarcoMarco shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →
    Josh RiversJosh Rivers shared a merged idea: Microsoft Account Overload  ·   · 

    Our team owns the Microsoft account and Azure AD sign-in/sign-up experiences. We know that some experiences are confusing for some of you and we’re working hard to simplify them.

    More specifically:

    1) We know a number of users have multiple accounts with Microsoft, some they created themselves and others they got from their work or school. Today, using multiple accounts in Office 365, Azure.com or VisualStudio.com requires you sign out of one account and sign in to another. To address this we’re building the ability to be signed in with more than one account at the same time, in the same browser. This should start showing up on Microsoft web properties later this year.

    2) There’s a small number of Microsoft business services that only support “Live ID” accounts, and not organizational accounts that are used for other business services like Office 365. Examples include MSDN and Volume Licensing. We’re working with these teams to add support for organizational accounts. This will allow everyone who already has an account they use with Office 365 to use the same account to sign in to these services.

    3) Some users have two Microsoft-powered accounts with the same sign in string: one they got from their organization (when the organization uses Azure AD account) and one they created themselves (for example to access MSDN or VL). For these users, the sign-in experience to Office and Azure can be confusing. If you’re in this situation, the simplest solution is to rename the account you created yourself. You can use another consumer email address or get a new @outlook.com address. And later his year, you’ll also be able to use your phone number as a sign in string. Longer term, we’re considering different options to remove this overlap.

    Keep the great feedback coming and please let us know if you finds other sources of account confusion. We’ll continue to monitor this thread as we refine our plans.

    Ariel

    49 comments

    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      I agree to the terms of service
      Signed in as (Sign out)
      Submitting...
      • souviksouvik commented  ·   ·  Flag as inappropriate

        Please please help me out.i bought a lumia 640mobile phone,not xl version,with which I received an office365 personal subscription for 1 year through a serial key but after I upgraded my lumia to windows 10 insider preview slow version there were no office.when I tried to install word ,ppt and xl separately from windows store i get a preview version of all.now the main query is to know that whether i cn use my office 365 subscription in the preview version of word,xl,ppt on phone on a windows 10 platform in lumia 640.pls help.

      • Brian AdkinsBrian Adkins commented  ·   ·  Flag as inappropriate

        Google solved this a few years ago when they consolidated "Google" accounts and "Google Apps" accounts.... the process was pretty straightforward and really cleaned things up on the IT administration side.

        .... still waiting form MS to evolve to that same point

      • Thorsten KoroschaThorsten Koroscha commented  ·   ·  Flag as inappropriate

        The company I manage, where already 60% of 300 has already a microsoft account for the Microsoft Partner account based to our Domain, now we migrate to Ofice365 and of course we need to reamain with our Domain, it had produeces A LOT of confusion with most of our Users and made e a lot of extra work because many users wants to type in the identical password as they have in LiveID and then blocks the account, and many of them do´t know what to do...

        it raises by 400% of password resets I initiated and assuemes approx 10hrs per week at the moment.
        Due to the most normal users, are doesn´t understand any background and here I do not see any improvements by the user behavior without any hard link of the account, But it must not affect any issues with the Microsoft OEM or Developer Account where Microsoft is not able to maintain the Admin accounts! ( I really had there a half year of period where MS were unable to allocate and reset my account )...

      • Nexxus CloudNexxus Cloud commented  ·   ·  Flag as inappropriate

        I know this has been said by many other users but I just want to add to this to show Microsoft the community is vast that is requesting this as a fix and requesting it to be done NOW.

        We also are Microsoft Partners that specialize in Office 365 / Azure along with having our own O365 tenant account for our internal use. The issue of a live id / organizational account for azure / o365 (pre Azure AD) is a HUGE PAIN and it's only getting worse. As many have said here, we were forced to have multiple live ID's to access areas along with our organizational accounts for Office 365 and I can say that the list of ID's I have while not huge, is enough to make me really hate the management of these services. Especially from one computer. I actually went so far as to get another workstation, use a software KVM (Multiplicity for those of you that are curious) to control both of them at the same time and have one PC for my Live / Microsoft account administration and the other for my organizational account / office 365 account administration. While it's helped, we really need the ability to:

        1. Combine accounts, both live ID, Microsoft account, etc... automatically. I really don't want to spend hours on the phone with a rep to simply combine all the accounts.

        2. Have a way to combine my Azure subscription login with my Azure AD (made automatically for me when Azure AD rolled out for Office 365) so I can get to all my virtual machines, web apps and other Azure subscription services along with the newly created Azure AD for Office 365 / Intune / Azure AD services. I really want to be able to log into the Azure portal with my Office 365 account and see all things Azure I have across all accounts.

        3. Be able to access my Microsoft Partner account with my one sign-in.

        4. Be able to move a personal Live ID that I had (way prior to them even being Live ID's, mainly for Xbox Live) and also integrate that to my one Microsoft login. Simply because of Windows 10 and the integration across windows phone and xbox one. I want the full experience of one sign-in for my business, personal and partner all under one account that I can use to showcase my whole MS life.

        5. Finally, after I confirm that all the accounts have been migrated into one account, delete all the un-used accounts for security reasons. I don't want multiple "dead" accounts hanging out there in the wind with my attached credentials and personal info, credit card info, etc... I want the un-used accounts to GO AWAY.

        Please make this a HUGE priority. This is an immense problem for those of us that decided to be a Microsoft shop, trying to manage all of this stuff is just nuts. We support and sell Microsoft related services every day / all day and I would hope that they hear the community feedback on this one and act quickly.

      • GeorgeGeorge commented  ·   ·  Flag as inappropriate

        2. Microsoft Partner Program as well... which is very telling that it does not support Organizational/Work accounts. Pretty large "oversight" as it IS business by definition and to support O365 instead of ignore it should have been a priority, especially if you expect your partner community to "prioritize it.

        3. The overlap isn't "confusing" for us as described, what it does is NOT work. There is a very big difference between those two things. We don't need more "clarity" so that we understand what is happening and by extension resolve our confusion. Believe me we are VERY clear on exactly what is happening, what we need are systems designed so that they actually work properly that needs to be your focus.

        You use the term "Live ID", however, this is incorrect, and as the owners of these properties you should know that it was officially re-branded to "Microsoft Account" and that this is the current name for what used to be called "Windows Live ID".

        Skype has a Skype ID and a Microsoft Account logon and BOTH still survive, how, those id's coexist is an issue, they should be "mirrored", but they aren't, in essence one user now has two id's.

        Microsoft Account and Organizational account can share the same email address this is creating problems not confusion for us the user but confusion for your systems because when you see that email address and it belongs to both Microsoft Accounts and Organizational accounts your systems handle that distinction DIFFERENTLY under different conditions, SSO, Remember Logged, in etc have serious trouble dealing with this. In addition, for example, in Azure Tenant, Remote Apps, if you try to add to a Microsoft Account tenant the O365 Domain it will fail... this is directly related to the same "email address". https://msdn.microsoft.com/en-us/3d6c4fd1-c981-4c57-9402-59fe31b11883

        Just one example.

        We would be happy to transition completely to Organizational Account and "kill" the Microsoft Account but the Microsoft Account is in existence for a much longer period than the Organizational Account and that will need to be dealt with.

        You will need to provide us the consumer a "list" of what properties are being actively used with the Microsoft Account and allow us to transition those properties to the Organizational Account and how that is done will be an issue.

        For example, we use a Microsoft Account for OneDrive Consumer that email address is shared with an Organizational Account that included Office365. We actively use the Microsoft Account for OneDrive and Skype (consumer) and we need this to remain functioning. We have no problem using the Organizational Account for those services but need a way to "properly" transition to them.

        Hope this helps with understanding what the "confusion" is.

      • James D. SchwarzmeierJames D. Schwarzmeier commented  ·   ·  Flag as inappropriate

        To be honest, this is a mini-disaster for us. We created MSAs to use BizSpark and MSDN, and separately created O365 accounts. We need to be able to centrally manage things using ONE account. It's great to hear MSDN will be moving to support O365 accounts.

        Unfortunately having to create two accounts for each person has created quite mess in the meantime. We have one AAD containing all of our Azure subscriptions and our MSAs. We have a separate AAD containing our O365 users, many of whom have the same e-mail address. We also have a big history of work built up in Visual Studio online.

        We've been working with Azure and O365 for four years now, and consistently this is BY FAR the #1 pain point dealing with Microsoft online services. Fixing it needs to a *high* priority, as every single customer that signs up for both O365 and any service requiring an MSA is another customer that will have to devote time later to cleaning up their mess.

        Unfortunately it's not enough to just enable OrgIds on MSDN, BizSpark, other services. You have to provide a simple solution for your customers to clean up the mess they've been forced to create. This means merging everything:

        - MSAs themselves to equivalent OrgIds
        - VSO history
        - Entries in Azure directories
        - Azure subscriptions
        - MSDN subscriptions
        - Etc.

        Effectively every business service should have a way to migrate data, so when you flip the "master switch", everything transitions over automatically.

      • DanielDaniel commented  ·   ·  Flag as inappropriate

        This problem has been plaguing our o365 environment since our migration from live@edu

      • Boian SoloviovBoian Soloviov commented  ·   ·  Flag as inappropriate

        Thanks Marco!
        @Ariel, I hope you are still scanning this thread. There is a REAL need for improvement: as you yourself mention important services like MSDN and VL *require* that you sign up (and create a new live ID) with your company email address! A catch 22 is thus preprogrammed for all companies that use Azure AD. You could have long ago implemented AD Federation, SAML2 or OAUTH2 between live ID- and Azure ID-services.
        And by the way, this here uservoice forum could have accepted SSO with Azure ID as well - it is ridiculous that I have to sign in with a Google account!

      • Gary VargaGary Varga commented  ·   ·  Flag as inappropriate

        I have a similar issue with Google. Identity confusion because to add a gmail account to an existing Google account with a different email address (as directed by Google). Accounts and identities is a difficult issue because is HAS to be right.

      • Jamie ThomsonJamie Thomson commented  ·   ·  Flag as inappropriate

        I'm half-amused to see people here opine that this problem has existed for "almost a year" because to my mind its been a problem for much much longer than that. Lots of discussion here about Azure and the Azure Management Portal and various other services/web properties at Microsoft but I think the original poster captured it better than anyone. Two separate accounts (with two separate passwords) for the same email address is (at best) very very confusing, especially for non-techies. I totally understand the historical reasons for why this situation has arisen but surely the time has passed for it to be sorted out?

        I'd like to ask if there's a reason why Microsoft can't do what the original poster suggested i.e. merge Organisational accounts & Microsoft Accounts (MSA) that have the same email address. Other than "it'd be a heck of a lot of work" is there a technical reason that simply prohibits this from being done? I'd definitely like to know the answer to that because (IMHO) merging such accounts would solve most if not all of the frustrations I currently have regarding this whole mess.

      • JonJon commented  ·   ·  Flag as inappropriate

        I concur Willindigo. Unbelievable that this hasnt been solved and that it is barely acknowledged to be an issue. Have spent hours with MS Partner support and with them barely understanding the issue and just repeatedly asking me to keep trying.

      • Willindigo ☠Willindigo ☠ commented  ·   ·  Flag as inappropriate

        How in the world is this still an issue after a whole **** year? And what kind of idiot at Microsoft thought it wise to allow two different types of access IDs for the SAME SERVICES that allowed for the exact same user credentials? I am seriously baffled.

        They had it nailed with "Microsoft ID" used for Bizspark, Azure, Outlook.com etc.. then created Office365 with a completely separate directory that works with Bizspark but not Outlook.com or Azure? Jesus christ I am livid. This is so indicative of why people despise working with Microsoft Technologies. You attest that you are trying to abstract away the complexities of managing an IT infrastructure with SaaS like Azure and Office365, yet you pull this **** which results in more time and resources being devoted to hunt down obscure internet posts while EVERY EMAIL your "Microsoft Support" sends me says "Resolved."

        Oh well, I guess I will just have my guys leave our VMs running up in Azure ticking away my credits while I wait another 8 hours for someone from India to pretend to help me.

      • IanIan commented  ·   ·  Flag as inappropriate

        Ariel, what about the limitation on Windows 8 logins? Currently only "Microsoft Accounts" are supported. It would be great if this was also addressed, so that users could login to their work PCs using their 365/Azure AD account.

      • TedTed commented  ·   ·  Flag as inappropriate

        I'm with Matthew Cole in that trying to build apps with Azure AD and link to organization accounts is such a pain and would like to see IUR linked to organizational or the other way around.

        Another issue with this is trying to use the Azure SDK within Visual Studio. Every time I open VS, I have to logout of Azure in the server explorer and login again so that I can select my Live account. Otherwise, it ends up in a never ending loop of opening and closing the login window, as if it can't determine which account to open.

      • JoeJoe commented  ·   ·  Flag as inappropriate

        OK this doesn't seem as important as some of these but I have a 365 account with the same exact username (email) and password as a completely separate Live account. How is this possible? these must be two separate systems?

      • David RuizDavid Ruiz commented  ·   ·  Flag as inappropriate

        This has been a longstanding challenge for us as well. Signed up for BizSpark and Azure using my Microsoft Account, but running our business using a Office 365 Organization account of the same name (email address). Making matters worse, we're building business apps that leverage Azure AD SSO but can't even test it without stumbling over the account naming conflict that emanates from defining O365 users within manage.windowsazure.com and ultimately conflicts with the registered user apps that appear within myapps.microsoft.com.

      • J Aaron andersonJ Aaron anderson commented  ·   ·  Flag as inappropriate

        yes this is terrible, dumbfounded this was not thought out before release. Please keep me posted as well on how to thread together O365 4 Business OrgAccounts with pre-established (more personally driven) MSDN WIN:LIVE Accounts both with the same primary email address... shouldnt that distinguishing match SSO/Trust both uniques account GUIDs in multiple systems upon re-authentication ? anyhow please keep us all administrator up on this as this is an almost certain show stopper in many cases

      • Ariel Gordon (MSFT)Ariel Gordon (MSFT) commented  ·   ·  Flag as inappropriate

        Hi,

        I just posted a detailed reply to the duplicate post titled "Merge office365 and live accounts that use the same email address" (link below). Please use that post for further discussion.

        Thanks!

        Ariel

      • Ariel Gordon (MSFT)Ariel Gordon (MSFT) commented  ·   ·  Flag as inappropriate

        Thanks for the question and feedback.

        Our team owns the Microsoft account and Azure AD sign-in/sign-up experiences. We know that some experiences are confusing for some of you and we’re working hard to simplify them.

        More specifically:

        1) We know a number of users have multiple accounts with Microsoft, some they created themselves and others they got from their work or school. Today, using multiple accounts in Office 365, Azure.com or VisualStudio.com requires you sign out of one account and sign in to another. To address this we’re building the ability to be signed in with more than one account at the same time, in the same browser. This should start showing up on Microsoft web properties later this year.

        2) There’s a small number of Microsoft business services that only support “Live ID” accounts, and not organizational accounts that are used for other business services like Office 365. Examples include MSDN and Volume Licensing. We’re working with these teams to add support for organizational accounts. This will allow everyone who already has an account they use with Office 365 to use the same account to sign in to these services.

        3) Some users have two Microsoft-powered accounts with the same sign in string: one they got from their organization (when the organization uses Azure AD account) and one they created themselves (for example to access MSDN or VL). For these users, the sign-in experience to Office and Azure can be confusing. If you’re in this situation, the simplest solution is to rename the account you created yourself. You can use another consumer email address or get a new @outlook.com address. And later his year, you’ll also be able to use your phone number as a sign in string. Longer term, we’re considering different options to remove this overlap.

        Keep the great feedback coming and please let us know if you finds other sources of account confusion. We’ll continue to monitor this thread as we refine our plans.

        Ariel

      ← Previous 1 3

      Feedback and Knowledge Base