Some time over the previous few years ago I was playing with the Azure B2C feature and I accidentally created two extra Tenants under my Azure Subscription. When I signed-in to my Visual Studio subscription I could see 3 tenants listed in various menus and lists. I made occasional passing attempts to delete the irritating extra Tenants, but the delete page always told me there were active users and applications that had to be removed first, although those lists were empty.
Today I was so fed-up with the Tenant delete failures that I did more research and experiments and I finally succeeded in deleting the two extra useless Tenants.
In the Azure portal go to Azure Active Directory > Manage Tenants > click a useless Tenant in the list to open the details blade on the right and copy the Tenant ID.
Run PowerShell ISE as Administrator. Connect to the useless Tenant.
Connect-AzureAD –TenantID <TenantID>
List objects in the Tenant.
Get-AzureADServicePrincipal
There will be an unpredictably long list of objects. Try to remove as many as possible using this loop.
Get-AzureADServicePrincipal |
Select-Object -ExpandProperty ObjectId |
ForEach-Object { Remove-AzureADServicePrincipal -ObjectId $_}This removed everything from one of my Tenants and I could then delete it in the portal.
The other Tenant had about half of the objects removed and I still couldn't delete it because the portal said I had apps registered, although the app list was empty. I went to various pages and stumbled around, signed out and in again, and after a few minutes returned to the app list page. NOW there was an unfamiliar app listed and it said I couldn't delete it. I went ahead and deleted it anyway, and it worked. Now I could delete the final Tenant.
So overall, the process of deleting Azure AD Tenants is an unpredictable and frustrating process. You get misleading or missing information from the portal pages. Luckily, some web searches told me to use PowerShell to find and remove the objects that were blocking deletion, and even that process seemed nondeterministic.
It took me about two hours of concentrated effort to delete my two useless Tenants.
No comments:
Post a Comment