You can use the Active Roles Configuration Center to delete an Azure tenant. This is typically required when an Azure tenant and its directory objects become obsolete because of organizational reasons.
To remove an Azure tenant
-
In the Active Roles Configuration Center, on the left pane, click Azure AD Configuration.
The list of existing Azure tenants appears.
-
On the Azure AD Configuration page, from the list of Azure tenants, select the tenant that you want to remove.
-
Click Remove.
-
Authenticate your Azure AD administrator account.
-
If you already used one or more Azure AD administrator accounts on your PC, select your account from the Pick an account list, then provide the account password. If you do not find your account in the list, specify your account by clicking Use another account.
-
If you have not used any Azure AD administrator accounts yet on the PC (for example, because you are configuring a fresh Active Roles installation), specify your account user name in the Sign in field, then provide your password.
NOTE: Make sure to specify the account used for adding the Azure tenant (that is, the account name listed under the Name column of the Azure tenant). Authenticating with another account will result in an error.
-
-
The Azure tenant and all the related domains and applications are then deleted upon successful login.
-
To apply the changes, you must restart the Administration Service. To restart the Administration Service, open the Configuration Center, click Administration Service on the left pane, then either click Restart, or first click Stop and then Start.
-
(Optional) If you want to force the deletion of the Active Roles Azure application on the Azure Portal for the removed Azure tenant, click Remove Azure Application and log in with the credentials of the removed Azure tenant.
This is typically recommended as an extra housekeeping and security measure if the removed Azure tenant has been previously managed either in earlier Active Roles versions or on other machines as well, but the Azure tenant has not been removed from those Active Roles installations prior to uninstalling them (leaving their client secret intact on the Azure Portal).
CAUTION: Using the Remove Azure Application option will result in all Active Roles installations losing access to the specified Azure tenant. If this happens, users managing the Azure tenant in another Active Roles installation (for example, on another machine) can regain access to the Azure tenant if they:
-
Remove the Azure tenant in the Azure AD Configuration tab of the Active Roles Configuration Center.
-
Add the Azure tenant again, as described in Configuring a new Azure tenant and consenting Active Roles as an Azure application.
-
-
To confirm removal, check if the removed Azure tenant has disappeared from the list of Azure tenants in the Azure AD Configuration page of the Active Roles Configuration Center, and from the Directory Management > Tree > Azure node of the Active Roles Web Interface.