guest user admin

Steel Contributor


I was once thought by and MVP that the "right way" to get into a clients Azure Portal was to create/invite my own mail as a guest user and then afterwards assign the proper Directory roles (global admin, exchange admin etc.)


However - I get into the (clients) Azure portal just fine and can do anything in there (and can switch directories) - but when I try to go to the O365 admin portal or the EXO admin - I get my own "Tenant" and can't switch to the clients tenant.


Are this the "right" way or do I need a <client> global admin -
if not - how do I "switch" to the client admin o365/EXO ecp admin center?


Hope it makes sense - otherwise I can elaborate :) 

2 Replies

@Taen keren  Great question! Lost few days didn't found solution. Opening ticket :)

@Taen keren 
Sorry to pull this one out of the grave, but I came across this by chance, and thought I would just fill out the answer for anyone else passing by :)

The thing is that a guest identity is not really the best way to access these other portals - MS is working on it, but this work is mostly relevant for Partners that have adopted the partner identity eco system.

IF you are "just" helping out a few clients and have never bothered to setup your MS partner account for management of clients, then you would be best off by creating a dedicated user in the clients tenant.
There is nothing "wrong" in doing this, but you might not enjoy having to manage too many separate identities though.

Hope this helps.

More on MS Partner delegated access here: Obtain a customer's admin privileges - Partner Center | Microsoft Docs