Have you ever tried deleting an Azure Active Directory Tenant? Sometimes you may need to do this if you have multiple test directories in your Azure tenant. Today I’m going to discuss one specific issue which had prevented me from deleting couple of test Azure AD tenants I had in my Azure subscription.
Scenario
I’ve had two Azure AD tenants which I’ve deployed for testing and wanted to delete from my subscription. As for the preparations I deleted all users, groups and application in both directories except the default user (Microsoft Account). As soon as I hit DELETE it was prompting below error.
“Directory contains one or more applications that were added by a user or administrator.”
Now I was pretty much sure that I deleted all the SaaS applications from both directories but I went ahead and checked the application list just to be sure.
I can see one application called “Office 365 Management APIs” in the list which cannot be deleted and none of the directories were originated from Office 365 subscriptions.
Fix
I created a new global administrator user in each directory additional to the default Microsoft Account I had. (user@domain.onmicrosoft.com). Then I signed into my Azure AD tenant using Azure AD PowerShell. Here I’ve used the Connect-MsolService cmdlet and used the credentials of the new admin account to sign in.
I’ve executed following cmdlet to remove all SaaS applications from Azure AD. Note that there may be failures because some of the applications simply can’t be removed from Azure AD but it shouldn’t be a problem to delete the particular Azure AD tenant.
Get-MsolServicePrincipal | Remove-MsolServicePrincipal
When I switched back to Azure portal after exiting the PowerShell Session I could still see the Office 365 Management APIs application, but I decided to delete the global administrator for each directory and hit the DELETE button. Guess what I could successfully remove both Azure AD tenants without any issue.
This TechNet article came in very handy to troubleshoot this issue and contains more of the deletion scenarios for an Azure AD tenant.