Merge office365 and live accounts that use the same email address

I use both Azure/msdn and office 365
I already had an msdn account mvdl@our-company.com ( Windows Live account) and our company recently migrated to Office 365 which resulted in a mvdl@our-company.com Office365 account.

Wich is causing a lot of grieve when switching between asure web portal / msdn web portal / office 365 web portal

Even when I have no portals open, I cant switch accounts. I need to explicity open the portal that I last logged in to. Log out, and then I can switch accounts.

And having both office 365 portal and Azure portal open at the same time is impossible.

1,151 votes

(thinking…)

oidc

Forgot password?

Create a password

Signed in as (Sign out)

We’ll send you updates on this idea

Marco shared this idea · Dec 17, 2013 · Flag idea as inappropriate… · Admin →

started ·

AdminAzure AD Team (Product Owner, Microsoft Azure) responded · Nov 29, 2017

Folks,

Thanks for the questions and suggestions. And apologies for not sharing any update on this thread for so long. We’ve been working on this problem and have announced changes on our official team blog (see here: https://cloudblogs.microsoft.com/enterprisemobility/2016/09/15/cleaning-up-the-azure-ad-and-microsoft-account-overlap/).

First, we are acutely aware of the UX pain this is causing and we are sorry for this. We are trying to undo a decade and a half of systems divergence. There are literally hundreds of different engineering teams across Microsoft involved in this effort. So this is taking time.

Second, we can’t easily “merge” two accounts, or allow IT to “take over” personal Microsoft accounts. There are two main hurdles: (1) The terms of service are fundamentally different for the two account types and (2) they are based on different technologies with different stacks (different identifiers, SDKs, token formats, etc.). We’re working to converge the two stacks but again this takes time. There are details of this in the blog post linked above.

Third, in the past year we’ve worked with 70+ teams across Microsoft that operate business services but only supported MSA for historical reason. Our goal is for all of these apps to support Azure AD (work accounts) as well. As of Nov 2017, we’re about half way there. Dev Center and MSDN subscriptions (now called Visual Studio subscriptions) are example of apps that now support Azure AD. Microsoft Payment Central and Invoicing are a few weeks away. Volume Licensing and many others are in progress and a couple months away.

The best recommendations we can provide right now are:
1) Use your work account (in Azure AD) to access any work application that supports it.
2) If you had created a personal Microsoft account to access Microsoft business apps, and no longer need it, close the account. Or rename it (which means chancing the user id) to avoid confusion.

Please follow our team blog for future updates on this problem.

Ariel Gordon

Show previous admin responses (2)

started ·

AdminAzure AD Team (Software Engineer, Microsoft Azure) responded · Jun 3, 2015

Our team owns the Microsoft account and Azure AD sign-in/sign-up experiences. We know that some experiences are confusing for some of you and we’re working hard to simplify them.

More specifically:

1) We know a number of users have multiple accounts with Microsoft, some they created themselves and others they got from their work or school. Today, using multiple accounts in Office 365, Azure.com or VisualStudio.com requires you sign out of one account and sign in to another. To address this we’re building the ability to be signed in with more than one account at the same time, in the same browser. This should start showing up on Microsoft web properties later this year.

2) There’s a small number of Microsoft business services that only support “Live ID” accounts, and not organizational accounts that are used for other business services like Office 365. Examples include MSDN and Volume Licensing. We’re working with these teams to add support for organizational accounts. This will allow everyone who already has an account they use with Office 365 to use the same account to sign in to these services.

3) Some users have two Microsoft-powered accounts with the same sign in string: one they got from their organization (when the organization uses Azure AD account) and one they created themselves (for example to access MSDN or VL). For these users, the sign-in experience to Office and Azure can be confusing. If you’re in this situation, the simplest solution is to rename the account you created yourself. You can use another consumer email address or get a new @outlook.com address. And later his year, you’ll also be able to use your phone number as a sign in string. Longer term, we’re considering different options to remove this overlap.

Keep the great feedback coming and please let us know if you finds other sources of account confusion. We’ll continue to monitor this thread as we refine our plans.

Ariel

under review ·

AdminAzure AD Team (Software Engineer, Microsoft Azure) responded · Jun 3, 2015

This is a great topic and suggestion which we are actively investigating. Hope to come back here shortly with some more details.,
/Brjann Brekkan

229 comments

Add a comment…

Attach a File

(thinking…)

oidc

Forgot password?

Create a password

Signed in as (Sign out)

Submitting...

jamiemiller commented · April 12, 2019 4:07 AM · Flag as inappropriate

According to my point of view, Azure improve through the following point.
1 Strategy.
2 Management.
3Communications.
if you need more information about click hereahref= <a href=" https://www.errorcodeexpert.com/how-to-fix-windows-update-error-code-0x80073712/"> Windows Update Error Code 0x80073712</a>
Peter Cuthbert commented · February 14, 2019 4:05 AM · Flag as inappropriate

Until they resolve this issue, you can use Firefox Container Tabs to get around this issue.

I'm a dev that has to work with multiple tenants at the same time.

Firefox Containers allow you to have separate cookies/data per tab. Check it out here: https://addons.mozilla.org/en-US/firefox/addon/multi-account-containers/?src=search
Craig Humphrey commented · October 7, 2018 5:15 PM · Flag as inappropriate

Yeah, starting to hit this with more frequency.

We use SPOnline as an Extranet and have a lot of corporate clients using Microsoft Accounts on their business email address.
Now they're starting to roll out O365 and so they're switching to AzureAD, on the same email address.

Works great until they try to get into our SPOnline tenant and it tells them they don't exist in our directory...

Even if you can't merge the accounts, it would be great, from either an AzureAD or SPOnline Admin perspective, to have some mechanism to replace an existing MSA account guest user, with their new O365 account - given they're using the same email address.
Dhiren Sham commented · September 30, 2018 12:04 PM · Flag as inappropriate

Ariel, it's understandable that you can't merge an existing personal MSA with an existing Azure AD account. But it would be stellar if an AAD account could become a superset of an MSA account in the future (or have an MSA attached to it). AAD admin could control if this feature is enabled or not, and if so, the MSA becomes manageable by IT.

I know you said that you're working to enable AAD support across teams that operate business services, but this still entrenches the separation - non-business services are still going to insist that I use an MSA, which must be different from my work address, but I don't want to keep track of multiple email addresses or accounts.

For those non-business services that require an MSA but will never support AAD (because they're non-business), please give us the option to allow our AAD account to function as an MSA (not a separate MSA linked to the same address, which is where we started out from).

This will then allow me to sign into Paint3D, and it would stop the MS Store app from nagging me to sign in with a personal account to sync my apps, even though the AAD login that I'm signed into Windows with has ESR enabled, and I can use my work email for OAUTH SSO on third party sites that only integrate with an MSA and not AAD.
Anonymous commented · September 15, 2018 9:43 AM · Flag as inappropriate

Good
WooLand Polanski commented · June 29, 2018 3:39 AM · Flag as inappropriate

I would be more than happy to close my personal account and solely use my Work account but MPN is linked to my personal account and cannot be connected to an organisational account. This problem need a solution.
Anonymous commented · June 3, 2018 11:10 PM · Flag as inappropriate

With the new 'preview' UI I am constantly challenged to log on (again and again and again and ...) to O365 (web site) and MS apps, and presented ONLY with my Windows login name.
I go to the O365 web page and see my O365 account. "Hello, Welcome Back funky dude" it welcomes while presenting my O365 account and a Sign In button. I click.
Then :-(
The UI presents two options for me to sign in with my windows account and one with my Windows email address. Where is my O365 sign in option. So, then I click and have to key it in to a blank dialogue box (my O365 name is not remembered in spite of being input 2 trillion times! And in spite of it being in the 'Work of School' field of my Windows account).
Charli commented · May 27, 2018 2:28 PM · Flag as inappropriate

In addition to the 3-year-long chain of horror below (I see I'm in good company, here), I have the same issues + 1. I'm a Microsoft Partner who signed up long ago under using my company email id as my PERSONAL Microsoft Account name with LiveId. Later, I developed service for my company on an external domain provider using the same domain and ID listed under the Microsoft Account. I then established service under O365-E3, mapping the external domain to O365 and using, again, my personal identifier, now, as my email addy for O365.

Being a MSFT Partner, I installed my laptop using the personal account and paid for the O365 accounts used by my company with my Internal Use Rights from my Partner subscription.

Because of the most recent updates made by MSFT behind the scenes, I've been forced to rename my Personal (Partnter) account. Having done so, this has NOT promulgated to my laptop (I see the same user id as before on my laptop profile), and it has NOT promulgated through to my O365 services (i.e., having deactivated O365 on my laptop, I cannot reactivate it). In particular, MSFT consistently gives me the message, Error. 0xCAA70004, regarding obtaining internet access. This, even though I'm clearly and consistently connected to the internet !

Please help !
Anonymous commented · May 21, 2018 12:49 PM · Flag as inappropriate

I DON'LIKE THIS
Sam DM commented · March 15, 2018 11:08 AM · Flag as inappropriate

Please permit me a simple question: How do I "discover" which AAD instance has created a work account for me?

I get the dreaded "It looks like ***@***.com is used with more than one account ..." dialog when signing-in, but we do not have an AAD instance associated with our domain, which means some other domain added my personal account into their AAD system and know I need to figure out how to get me removed.

IOW ... I cannot follow the "rename personal account" use-case, I just want to leave whatever AAD implementation has hijacked me.

Thank you.
Richard Griffiths commented · March 13, 2018 3:39 AM · Flag as inappropriate

Right now I have this problem: my work email somehow has personal and a work version.

We never intended to do this at all. Many resources are setup on the personal account for reasons I do not understand.

I seriously need to lose the personal one with it's own password and have everything on the work one.

1) Why is these even possible?
2) How on earth can I kill this very useless feature and keep the stuff we've paid for on the work account only?

It's causing a LOT of time cost. Right now I'm writing because I cannot access Azure thanks to this very nasty defect.

Please give us a mechanism that allows accounts with the same email address to be merged - assuming the user has both passwords/credentials to hand.

This would definitely fix my problem.

Thank you.
Anonymous commented · February 25, 2018 8:50 PM · Flag as inappropriate

I am wendy rolow. wenrow57@outlook.com. Thank you
Anonymous commented · February 25, 2018 8:47 PM · Flag as inappropriate

When my accounts synct together. I had emails today from 2014. . I just want my dead husbands pics. Out of the f..m cloud.
Anonymous commented · February 25, 2018 8:43 PM · Flag as inappropriate

Here is the deal! I have same 2accounts for about 12 yrs or better. I have gmail and outlook. They said don't. Worry the would sync togethey, I think they meant sink.
WW commented · February 9, 2018 12:04 AM · Flag as inappropriate

Back again to say your "solution" is absolutely ridiculous. My password just stopped working while trying to log into Windows and MS Support CHANGED THE EMAIL ADDRESS TO MY MICROSOFT ACCOUNT. They assigned my backup email for my Microsoft Account as my sign in credential because it somehow conflicted with my Office 365 ID. I am having a hard time believing this is going on 5 years later. It is quite silly to honest.
Chris commented · December 4, 2017 4:51 PM · Flag as inappropriate

Your recommendation is to rename the account, yet doing this takes 30-days-per-change (It literally took me 3 months to change an email address, security reset-method, and name)! It is unacceptable that we are treated like criminals throughout this whole process, when it was your screwup in the first place. Give us our Skype credits, Give us our Microsoft Office licenses, Give us our MSDN access!

At the very least use intelligence that if a passport account has the EXACT email address of one of your client O365 tenants, you can safely assume that it is one that you have tangled up in your garbage personal passports which YOU forced us onto 1-8 years ago... and give them a bit of a break when us SysAdmins try to take back control of them. These lockdowns work exactly against your own tip!!
Marc D Anderson commented · November 30, 2017 5:42 AM · Flag as inappropriate

I'm surprised you'd post a link to a blog post from September, 2016 and say "we’ve been working on this problem and have announced changes on our official team blog" about it. Is there no new news since then? You note some info in your second "STARTED" post above, but people are truly struggling with this stuff at every client I have and organization I know of. External sharing is an embarrassing process - not the beautiful experience demoed at places like Ignite. I'd love to be able to point people to a regular set of updates from you guys showing how you're moving the ball down the field.
Richard Griffiths commented · November 30, 2017 1:54 AM · Flag as inappropriate

Anyway to forbid the creation of a personal account if a work account of the same email already exists in your infrastructure?

And if a personal account exists, creation of a work one triggers an optional process of migration from the personal one. If the user says No to this, don't create the new work one?

I'm going to try deleting the personal one and force any resources that use it to accept the work one - as they're both the same email - such a bad idea that was :).
AdminAzure AD Team (Product Owner, Microsoft Azure) commented · November 29, 2017 6:03 PM · Flag as inappropriate

@NeilG Thanks for the details. I'll share with B2B team. Ariel
AdminAzure AD Team (Product Owner, Microsoft Azure) commented · November 29, 2017 3:57 PM · Flag as inappropriate

@RonPitts good suggestion. I will discuss internally.