Update: Microsoft will be moving away from UserVoice sites on a product-by-product basis throughout the 2021 calendar year. We will leverage 1st party solutions for customer feedback. Learn more here.

How can we improve Azure Active Directory?

← Azure Active Directory

Merge office365 and live accounts that use the same email address

I use both Azure/msdn and office 365
I already had an msdn account mvdl@our-company.com ( Windows Live account) and our company recently migrated to Office 365 which resulted in a mvdl@our-company.com Office365 account.

Wich is causing a lot of grieve when switching between asure web portal / msdn web portal / office 365 web portal

Even when I have no portals open, I cant switch accounts. I need to explicity open the portal that I last logged in to. Log out, and then I can switch accounts.

And having both office 365 portal and Azure portal open at the same time is impossible.

1,344 votes

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close

We’ll send you updates on this idea

Marco shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →
started  ·  AdminAzure AD Team (Product Owner, Microsoft Azure) responded  · 

Folks,

Thanks for the questions and suggestions. And apologies for not sharing any update on this thread for so long. We’ve been working on this problem and have announced changes on our official team blog (see here: https://cloudblogs.microsoft.com/enterprisemobility/2016/09/15/cleaning-up-the-azure-ad-and-microsoft-account-overlap/).

First, we are acutely aware of the UX pain this is causing and we are sorry for this. We are trying to undo a decade and a half of systems divergence. There are literally hundreds of different engineering teams across Microsoft involved in this effort. So this is taking time.

Second, we can’t easily “merge” two accounts, or allow IT to “take over” personal Microsoft accounts. There are two main hurdles: (1) The terms of service are fundamentally different for the two account types and (2) they are based on different technologies with different stacks (different identifiers, SDKs, token formats, etc.). We’re working to converge the two stacks but again this takes time. There are details of this in the blog post linked above.

Third, in the past year we’ve worked with 70+ teams across Microsoft that operate business services but only supported MSA for historical reason. Our goal is for all of these apps to support Azure AD (work accounts) as well. As of Nov 2017, we’re about half way there. Dev Center and MSDN subscriptions (now called Visual Studio subscriptions) are example of apps that now support Azure AD. Microsoft Payment Central and Invoicing are a few weeks away. Volume Licensing and many others are in progress and a couple months away.

The best recommendations we can provide right now are:
1) Use your work account (in Azure AD) to access any work application that supports it.
2) If you had created a personal Microsoft account to access Microsoft business apps, and no longer need it, close the account. Or rename it (which means chancing the user id) to avoid confusion.

Please follow our team blog for future updates on this problem.

Ariel Gordon

Show previous admin responses (2)

235 comments

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close
Submitting...
An error occurred while saving the comment
  • Anonymous commented  ·   ·  Flag as inappropriate

    The good thing is that I can upvote four times as I have two different e-mail addresses (one job and one personal) that both unintentionally have diverged into personal and work/school identities. 2 x 2 = 4! This is a total mess. I spend so much time to find Azure, Microsoft365/Office resources, making OneDrive work on Windows and MacOS with an endless number of bugs and problems because of this. My work e-mail is only 3 years old (quite new company), and even then they managed to diverge into double set of identities. Half of my customers send Microsoft Teams invites and they end up in personal account and other half of my customers send Microsoft Teams invites and they end up in work/school account, and I have to remember who is who. This is a mess and have to be fixed. The only real fix is to be able to merge two different accounts/identity that use same e-mail address into one account/identity using only one identity provider.

  • Dimitri.K. commented  ·   ·  Flag as inappropriate

    Validate if new username@AzureADCustomDomain already in use as private Microsoft account.
    Private Microsoft accounts must be not in use in Microsoft Azure subscription, while domain name can be attached as “custom domain”.
    My scenario: Domain name which is already in use for private Microsoft account linked as
    custom domain to Azure AD. I am still able to create duplicate of Microsoft account login name
    in Azure AD, which cause multiple login issues. Moreover, in my case I receive as extra
    #EXT#@domain.onmicrosoft.com “Work” account type.
    Best practice to register Azure subscription on unique
    @domain.onmicrosoft.com accounts instead of any login with custom domain name, especially private
    Microsoft account.
    Azure account admin mailbox – Exchange Plan 1 also welcome as default in Azure subscription,
    to avoid communications issues with Azure subscription owners and administrators.
    If organization change Office365 plan or domain name, Azure account admin mailbox @domain.onmicrosoft.com will be always available for communication.

  • Anonymous commented  ·   ·  Flag as inappropriate

    Support for complete office .
    Office Login-Today we are discussing Microsoft Office which is a superb toolbox for the board of any information. Presently accessbility of microsoft office has been on the web. So to go office ,just login microsoft office. Office login is extremely basic advance through which you can get to your application online, for example, excel,doc,power point ,ondrive ,outlook,etc.
    Step by step instructions to Get office login Online.
    Step 1* Go to the Microsoft Official site and make new record at Microsoft .If unfit, Take help of help official to make account.
    Step 2* Get username and secret word.
    Step 3* Do office login with client name and secret password to get to the workplace.

    Click here to contact office login support.https://officelogin.org
    In the event that any issue happen during account creation and login issue. So you should contact to the workplace bolster official to determine the issue right away.

  • henry wilson commented  ·   ·  Flag as inappropriate

    Microsoft Office is most using application in the world. Excel has world wide popularity for database management. Now Office updated from offline to online . You can access online office 362 by the help of your Microsoft id and password. Just you need to login to access the office.
    If you are facing any error and trouble in office login. So solve it self, if its normal otherwise take help of technician to fix the problem very easily.
    http://officelogin.org

  • Craig Humphrey commented  ·   ·  Flag as inappropriate

    Yeah, starting to hit this with more frequency.

    We use SPOnline as an Extranet and have a lot of corporate clients using Microsoft Accounts on their business email address.
    Now they're starting to roll out O365 and so they're switching to AzureAD, on the same email address.

    Works great until they try to get into our SPOnline tenant and it tells them they don't exist in our directory...

    Even if you can't merge the accounts, it would be great, from either an AzureAD or SPOnline Admin perspective, to have some mechanism to replace an existing MSA account guest user, with their new O365 account - given they're using the same email address.

  • Dhiren Sham commented  ·   ·  Flag as inappropriate

    Ariel, it's understandable that you can't merge an existing personal MSA with an existing Azure AD account. But it would be stellar if an AAD account could become a superset of an MSA account in the future (or have an MSA attached to it). AAD admin could control if this feature is enabled or not, and if so, the MSA becomes manageable by IT.

    I know you said that you're working to enable AAD support across teams that operate business services, but this still entrenches the separation - non-business services are still going to insist that I use an MSA, which must be different from my work address, but I don't want to keep track of multiple email addresses or accounts.

    For those non-business services that require an MSA but will never support AAD (because they're non-business), please give us the option to allow our AAD account to function as an MSA (not a separate MSA linked to the same address, which is where we started out from).

    This will then allow me to sign into Paint3D, and it would stop the MS Store app from nagging me to sign in with a personal account to sync my apps, even though the AAD login that I'm signed into Windows with has ESR enabled, and I can use my work email for OAUTH SSO on third party sites that only integrate with an MSA and not AAD.

  • WooLand Polanski commented  ·   ·  Flag as inappropriate

    I would be more than happy to close my personal account and solely use my Work account but MPN is linked to my personal account and cannot be connected to an organisational account. This problem need a solution.

  • Anonymous commented  ·   ·  Flag as inappropriate

    With the new 'preview' UI I am constantly challenged to log on (again and again and again and ...) to O365 (web site) and MS apps, and presented ONLY with my Windows login name.
    I go to the O365 web page and see my O365 account. "Hello, Welcome Back funky dude" it welcomes while presenting my O365 account and a Sign In button. I click.
    Then :-(
    The UI presents two options for me to sign in with my windows account and one with my Windows email address. Where is my O365 sign in option. So, then I click and have to key it in to a blank dialogue box (my O365 name is not remembered in spite of being input 2 trillion times! And in spite of it being in the 'Work of School' field of my Windows account).

  • Charli commented  ·   ·  Flag as inappropriate

    In addition to the 3-year-long chain of horror below (I see I'm in good company, here), I have the same issues + 1. I'm a Microsoft Partner who signed up long ago under using my company email id as my PERSONAL Microsoft Account name with LiveId. Later, I developed service for my company on an external domain provider using the same domain and ID listed under the Microsoft Account. I then established service under O365-E3, mapping the external domain to O365 and using, again, my personal identifier, now, as my email addy for O365.

    Being a MSFT Partner, I installed my laptop using the personal account and paid for the O365 accounts used by my company with my Internal Use Rights from my Partner subscription.

    Because of the most recent updates made by MSFT behind the scenes, I've been forced to rename my Personal (Partnter) account. Having done so, this has NOT promulgated to my laptop (I see the same user id as before on my laptop profile), and it has NOT promulgated through to my O365 services (i.e., having deactivated O365 on my laptop, I cannot reactivate it). In particular, MSFT consistently gives me the message, Error. 0xCAA70004, regarding obtaining internet access. This, even though I'm clearly and consistently connected to the internet !

    Please help !

  • Sam DM commented  ·   ·  Flag as inappropriate

    Please permit me a simple question: How do I "discover" which AAD instance has created a work account for me?

    I get the dreaded "It looks like ***@***.com is used with more than one account ..." dialog when signing-in, but we do not have an AAD instance associated with our domain, which means some other domain added my personal account into their AAD system and know I need to figure out how to get me removed.

    IOW ... I cannot follow the "rename personal account" use-case, I just want to leave whatever AAD implementation has hijacked me.

    Thank you.

  • Richard Griffiths commented  ·   ·  Flag as inappropriate

    Right now I have this problem: my work email somehow has personal and a work version.

    We never intended to do this at all. Many resources are setup on the personal account for reasons I do not understand.

    I seriously need to lose the personal one with it's own password and have everything on the work one.

    1) Why is these even possible?
    2) How on earth can I kill this very useless feature and keep the stuff we've paid for on the work account only?

    It's causing a LOT of time cost. Right now I'm writing because I cannot access Azure thanks to this very nasty defect.

    Please give us a mechanism that allows accounts with the same email address to be merged - assuming the user has both passwords/credentials to hand.

    This would definitely fix my problem.

    Thank you.

  • Anonymous commented  ·   ·  Flag as inappropriate

    When my accounts synct together. I had emails today from 2014. . I just want my dead husbands pics. Out of the f..m cloud.

  • Anonymous commented  ·   ·  Flag as inappropriate

    Here is the deal! I have same 2accounts for about 12 yrs or better. I have gmail and outlook. They said don't. Worry the would sync togethey, I think they meant sink.

  • WW commented  ·   ·  Flag as inappropriate

    Back again to say your "solution" is absolutely ridiculous. My password just stopped working while trying to log into Windows and MS Support CHANGED THE EMAIL ADDRESS TO MY MICROSOFT ACCOUNT. They assigned my backup email for my Microsoft Account as my sign in credential because it somehow conflicted with my Office 365 ID. I am having a hard time believing this is going on 5 years later. It is quite silly to honest.

← Previous 1 3 4 5 11 12

Azure Active Directory: End user experiences

Categories

Feedback and Knowledge Base

(thinking…)
Hosted by UserVoice