How to Delete Windows Azure Active Directory (WAAD)

A few days ago an update was made to Windows Azure Active Directory, part of Microsoft Azure, and I am sure it's one feature that MANY of you out there have been waiting for. You know the situation: you created a randomly named directory during signup, or a colleague signed up on the company's behalf and the directory was named incorrectly, so you created a new one, but the old one stayed around like a bad smell because it was not possible to delete a directory instance. Well, I am pleased to say that as of a couple of days ago this feature has now been made available!

If you sign in to the Microsoft Azure Management Portal and select 'Active Directory', you will now see a 'Delete' button.


A user who is a global administrator can delete an Azure AD directory from the Azure Management Portal. When a directory is deleted, all resources contained in the directory are also deleted, so you should be sure you don’t need the directory before you delete it.

NOTE: If the user is signed in with an organizational account, the user must not be attempting to delete his or her home directory. For example, if the user is signed in with the organizational account joe@contoso.onmicrosoft.com, that user cannot delete the directory that has contoso.onmicrosoft.com as its default domain.

Conditions that must be met to delete a directory

Azure AD requires that certain conditions are met before a directory can be deleted. This reduces the risk that deleting a directory would negatively impact users or applications, such as the ability of users to sign in to Office 365 or access resources in Azure. The following conditions are checked:

  • The only user in the directory is the global administrator who will delete the directory. Any other users must be deleted before the directory can be deleted. There is no requirement to delete groups or contacts, such as contacts added from the Office 365 Admin Center.
  • There can be no applications in the directory. Any applications must be deleted before the directory can be deleted. Note: It is not possible to delete a directory if an application has been added from the Azure AD Application Gallery, even if that application is subsequently deleted. We are working to remove this limitation.
  • There can be no subscriptions for any Microsoft Online Services such as Microsoft Azure, Office 365, or Azure AD Premium associated with the directory. For example, if a default directory was created for you in Azure, you cannot delete this directory if your Azure subscription still relies on this directory for authentication.
  • No Multi-Factor Authentication providers can be linked to the directory.

It is important that you meet these conditions, otherwise you won't be able to delete the directory and you'll possibly end up pulling your hair out! So make sure you read the above first. If you have any questions, be sure to comment and I will be more than happy to help!

Troubleshooting

Directory has one or more applications

If you get this error message, you may have applications associated with the directory. To proceed with the deletion of the directory, you must ensure these are removed.

If you select the Applications pane within Azure Active Directory you will notice a dropdown box that shows you either

  • Applications my company uses
  • Applications my company owns

*Be sure to click on the 'tick' when you change the filter.

You need to ensure that you have deleted all of the applications listed here. If you see applications like those in the image below, then you have not done this.

[Image: Applications view]

NOTE: "Office 365 Management APIs" is an application that you will not be able to delete, but do not worry: we have whitelisted this application, so it WILL NOT block a deletion, provided no other applications exist.

For further information on Azure AD, see https://msdn.microsoft.com/en-us/library/azure/jj573650.aspx#BKMK_DeleteDirectory

Regards,

James.