Delete Azure Tenant: Remove Custom Domain from Entra ID
In this article, we shall discuss the steps to “Delete Azure Tenant: Remove Custom Domain from Entra ID”. To delete an Azure account and deregister a custom domain associated with Entra ID, the below steps must be followed carefully. Please see How to deactivate and reactivate a Slack user, “Microsoft Azure Active Directory: How to setup Azure AD Tenant“, and how to “Register Devices to Intune and EntraID Using Company Portal“.
Note that deleting your Azure account can be irreversible, so ensure all critical data is backed up. When an tenant) is deleted in Microsoft Entra ID, all resources in the organisation are also deleted. Prepare your organisation by minimising its associated resources before you delete.
Why Delete Azure Tenants?
There are numerous reasons why you would want to delete an Azure Tenant. One of the reasons could be that you have claimed an Office 365 license in a wrong tenant which was my case.
- Another reason could be businesses consolidating multiple tenants or migrate to a different tenant for better resource and user management. A typical example of this is, merging two organisations or moving resources to a central tenant.
- If a tenant was created for testing, development, or a temporary project, it may no longer be needed once the project concludes. While Azure Active Directory itself might not have direct costs, associated subscriptions, applications, and licenses can incur charges. Deleting unused tenants helps avoid unnecessary expenses.
- When a tenant is no longer required, keeping it active might pose security or compliance risks especially if it is not actively monitored. Therefore, this was also a reason for the deletion in my environment.
Most importantly in my case, custom domains associated with a tenant cannot be used in another tenant unless removed. Therefore, since the tenant will NEVER be used anymore, it was sufficient to have it deleted.
Please see how to Move Azure Resources between Subscriptions, and “How to add and verify a custom domain name to Azure Active Directory“.
Remove Custom Domain from Entra ID (Azure Active Directory)
First, we will have to dissociate the custom domain from the Tenant. To do this, log in to the Azure Portal and navigate to Entra ID.
Ensure that no users, groups, or applications are using this domain; you may need to change them to the default
onmicrosoft.comdomain first by making this a primary domain.
In the left panel, select Custom domain names. Choose the custom domain you want to remove.
Now, let us make the onmicrosoft.com the default domain. The tenant is associated with a custom domain, which needs to be disassociated and deleted.
Note: You will also need to cancel (delete) all Entra ID subscriptions before deleting your Tenant. Also, the associated user to the custom domain, and the resource groups need to be removed
Delete User
To delete a user, this is straight forward. To do this, log in to the Azure Portal and navigate to Entra ID and navigate to Users.
Select the account(s) and have them deleted.
User account to delete
Confirm user deletion
User account removed.
Switch Domain
Now that we have deleted all dependancies associated with the custom domain. We will proceed to make the default directory the primary domain.
Confirm to make the domain the primary domain.
As you can see below, we have successfully made the onmicrosoft.com the primary domain.
Click on Delete to remove the custom domain.
Click on delete again. As you can see, we have met the delete requirement as well.
Custom domain successfully deleted.
Please see how to Fix missing path and delete a Veeam Backup Repository, How to Install OpenSSL on Windows Computers, and how to Fix the Port used for the Virtualhost is not an Apache Listen Port.
Delete subscription
If you have an active or canceled Azure subscription associated with your Microsoft Entra tenant, you can’t delete the tenant.
After you cancel, billing is stopped immediately. After you cancel a subscription, your billing stops immediately. You can delete your subscription directly using the Azure portal seven days after you cancel it, when the Delete subscription option becomes available.
Once your subscription is deleted. Microsoft waits 30 to 90 days before permanently deleting your data in case you need to access it or reactivate your subscription
As you can see, we have got no subscriptions associated. You can’t delete an organization in Microsoft Entra ID until it passes several checks. These checks reduce the risk that deleting a Microsoft Entra organization negatively affects user access, such as the ability to sign in to Microsoft 365 or access resources in Azure.
But you could have dependencies from O365. You also have to check this, else you will never be able to delete the Tenant.
Delete Azure Tenant
To delete the Tenant, click on “Manage Tenants” as shown below
As shown below, only one tenant is present, and it will be deleted for consolidation purposes.
As you can see below, I have not meet the prerequisites to have this tenant deleted.
I will work through the affected status and ensure all required actions are met.
For the enterprise application (BingWebmasterTools), I will proceed to the blade and have it deleted. Also, for LinkedIn, I will have this deleted.
A few enterprise applications can’t be deleted in the Microsoft Entra admin center and might block you from deleting the tenant. Please use the PowerShell code to remove those applications as discussed in this Microsoft Guide.
Now, we are having issues with a license based subscripting and this related to O365.
Unassign Office 365 License
Navigate to the Office 365 Admin Center, and unassign the license
You will also have to cancel the subscription as I wish t use this with another tenant.
I will also delete it. This might not be the case for you.
Shortly, you will get an email stating that “Christian Eromosele submitted a request on November 14, 2024 to delete your Office 365 E3 EEA (no Teams) subscription.
It is currently disabled and will be deleted on November 17, 2024. After your subscription is deleted, it can’t be recovered. If you’d like to reactivate it, you may do so until November 16, 2024. To reactivate your subscription: In the Microsoft 365 admin center, go to Billing > Your products. On the Your products page, find the subscription that you want to reactivate. In the Billing section of that subscription, select Reactivate now. Confirm or change your payment method, and then select Reactivate.Below is the email received just for your information.
Note: According to the Microsoft documentation. After you’ve deleted a subscription in your organisation and 72 hours have elapsed, sign in to the Microsoft Entra admin center again. Confirm that no required actions or subscriptions are blocking your organisation deletion. You should be able to successfully delete your Microsoft Entra organization.
After the said hors has passed, you can see all checks have passed and I can now delete the Azure Tenant. Click on delete to delete the Tenant.
Account has been successfully scheduled for deletion.
The Tenant is gone!
That is all you need to do to clean up tenants that are no longer useful or when you are transitioning away from Azure.
I hope you found this article on “Delete Azure Tenant: Remove Custom Domain from Entra ID” very useful. Please feel to leave a comment below.
