WARNING: Following the instructions in this post will delete a lot of things that can not be recovered! If you really want to delete a tenant, MAKE SURE YOU ARE WORKING ON THE CORRECT ONE! The author of this post does not take any responsibility for what you do!
Deleting an Azure Tenant is pretty straightforward, if you know how to do it. But there is one caveat where many people (including myself) have struggled in the past. The problem is that very often you do everything you need to do correctly, but still can not delete the tenant and get this very generic error:
When you try to delete the tenant, this error message shows up and says “Unable to delete tenant”. No further information.
Check out the blog post below to find out what to do if you receive this message:
But let’s start from the beginning.
Step 1: Create a local tenant user
This makes everything a lot easer. Go to your “Azure Active Directory” page in the Azure Portal and move to “Users”. Create a new user, set the password and assign the “Global Administrator” role to the user. Log in to the tenant with your local user. You will need to change your password.
Step 2: Go to the delete tenant dashboard
Go to the “Azure Active Directory (AAD)” page in the Azure Portal and click the “Manage Tenants” button:
This will lead you to the “Manage Tenants” overview. Check the checkmark for the tenant you want to delete and click “Delete”:
Step 3: Follow the instructions and delete all the required objects
The delete tenant dashboard will show you all the areas of the tenant that you need to cleanup.
Of course you can do everything by hand, but that could be tedious. You can use any tool of your liking (Azure Powershell, Azure CLI, etc).
Two things that are a pain in the *ss to delete are “enterprise apps” and “app registrations” because you have to delete them one-by-one.
Additionally, you could run into this error: You did as told, all the items on the “delete tenant” dashboard are green and you can click the “delete” button. But when you do, you get this unusable error message: “Unable to delete tenant”:
The problem is that there are some Enterprise Applications that are not visible or can not be deleted in the Azure Portal. The item “Enterprise Applications” on the delete tenant dashboard is green, but it still does not work. To resolve this problem, all you have to do is use the powershell command below to delete the enterprise applications. Once you did, you will be able to delete the tenant. đŸ™‚
Deleting Azure Enterprise Applications with Azure Powershell
Use the following snippet to get rid of all your enterprise applications. if you are new to Azure Powershell, check out my other blog post here: https://manuelmeyer.net/2020/11/azure-tip-8-getting-started-with-azure-powershell/
WARNING: This will delete your enterprise application forever
//Login to Azure from Powershell
Login-AzAccount
//Ensure that you are connected to the correct Tenant
Get-AzContext
//Get your Enterprise Applications just to see the number
Get-AzAdServicePrincipal
//Use foreach to delete all of them
Get-AzAdServicePrincipal | ForEach-Object -Process {Remove-AzADServicePrincipal -ObjectId $_.Id}
//There could be some errors about undeletable Enterprise Apps, don't worry
//Check the list again
Get-AzAdServicePrincipal
//Enjoy that many are not there anymore. :-)
While we are at it, why not use the same syntax for the app registrations:
Deleting Azure App Registrations with Azure Powershell
WARNING: This will delete your app registrations forever!
//Login to Azure from Powershell
Login-AzAccount
//Ensure that you are connected to the correct Tenant
Get-AzContext
//Get your App Registrations just to see the number
Get-AzAdApplication
//Use foreach to delete all of them
Get-AzAdApplication | ForEach-Object -Process {Remove-AzAdApplication-ObjectId $_.Id}
//Check the list again
Get-AzAdServicePrincipal
//Enjoy that they are not there anymore. :-)
You should now be able to successfully delete your Azure Tenant!