Things have changed a little during past weeks and I started new job at cyber security firm.

When I left my old company I wasn’t allowed to take my phone number with me. Naturally that caused some extra caution and checks from cloud management point of view. I thought that everything were taken into account but I was totally wrong. Was a bit surprised when saw these during authentication process.

I realized that I had blocked my only Global Admin account sign-in to O365 and Azure portals with Conditional Access policies risk management settings, Great!

Tried to figure out how to solve a problem but wasn’t able to find one, so once again with humble attitude, pick up to phone and called to Microsoft support. Luckily there was a way to promote standard user I named to global admin role. Naturally there were couple of checks to verify that I’m the owner of the tenant.

1. Add record to dns zone

2. Respond email which is sent from ms to tenant technical contact

After verifications were successful support personnel promoted named user to global admin role and I was able to logon to tenant as global admin.

Key takeaway is that use email, alternative email and phone number in your admin account details to avoid same kind of situation I had with my global admin account.