Azure Role-based access control
An Azure service that provides fine-grained access management for Azure resources, enabling you to grant users only the rights they need to perform their jobs.
Locked out of tenant for 4+ weeks – Identity Protection block, no resolution
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(86.4, 68%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECQ%3C/text%3E%3C/svg%3E)
Christopher Quinn
0
Reputation points
I’ve been completely locked out of a Microsoft 365 / Azure tenant for over 4 weeks due to a Microsoft Entra ID (Azure AD) Identity Protection policy misconfiguration.
Only a break-glass account can sign in, but it does not have sufficient permissions to reverse the policy or assign roles.
I have already contacted Microsoft 365 Data Protection Team via a support ticket, but there has been no progress or resolution.
At this point, I need clear guidance on:
- How to escalate this type of lockout so that a Global Admin account can be restored, or
- If recovery is not possible, how to request tenant deletion to stop ongoing billing.
Any advice from Microsoft engineers or those who have successfully escalated similar cases would be greatly appreciated.
Azure Role-based access control
Sign in to answer