在 Azure Active Directory 中删除一个租户Delete a tenant in Azure Active Directory

删除 Azure AD 组织(租户)时,也会删除包含在该组织中的所有资源。When an Azure AD organization (tenant) is deleted, all resources that are contained in the organization are also deleted. 在删除前要最大程度地减少与组织关联的资源,使组织为删除做好准备。Prepare your organization by minimizing its associated resources before you delete. 只有 Azure Active Directory (Azure AD) 全局管理员可从门户中删除 Azure AD 组织。Only an Azure Active Directory (Azure AD) global administrator can delete an Azure AD organization from the portal.

准备组织Prepare the organization

除非 Azure AD 中的组织通过了若干项检查,否则无法将其删除。You can't delete a organization in Azure AD until it passes several checks. 这些检查将降低删除 Azure AD 组织对用户访问造成负面影响(例如,影响登录 Microsoft 365 或访问 Azure 中的资源)的风险。These checks reduce risk that deleting an Azure AD organization negatively impacts user access, such as the ability to sign in to Microsoft 365 or access resources in Azure. 例如,如果意外删除了与订阅关联的组织,则用户将无法访问该订阅的 Azure 资源。For example, if the organization associated with a subscription is unintentionally deleted, then users can't access the Azure resources for that subscription. 需检查以下情况:The following conditions are checked:

  • 除了一位要删除组织的全局管理员外,Azure AD 组织(租户)中不得有任何用户。There can be no users in the Azure AD organization (tenant) except one global administrator who is to delete the organization. 在删除组织之前,必须先删除任何其他用户。Any other users must be deleted before the organization can be deleted. 如果用户是从本地同步的,则必须先关闭同步,并且必须使用 Azure 门户或 Azure PowerShell cmdlet 从云组织中删除这些用户。If users are synchronized from on-premises, then sync must first be turned off, and the users must be deleted in the cloud organization using the Azure portal or Azure PowerShell cmdlets.
  • 该组织中不能有任何应用程序。There can be no applications in the organization. 在删除组织之前,必须先删除任何应用程序。Any applications must be removed before the organization can be deleted.
  • 不能有任何多重身份验证提供程序链接到该组织。There can be no multi-factor authentication providers linked to the organization.
  • 该组织不能有与之关联的任何 Microsoft Online Services(例如 Azure、Microsoft 365 或 Azure AD Premium)订阅。There can be no subscriptions for any Microsoft Online Services such as Azure, Microsoft 365, or Azure AD Premium associated with the organization. 例如,如果在 Azure 中创建了一个默认 Azure AD 组织,并且 Azure 订阅仍然依赖于此组织进行身份验证,则不能删除此组织。For example, if a default Azure AD organization was created for you in Azure, you cannot delete this organization if your Azure subscription still relies on this organization for authentication. 类似地,如果其他用户已将订阅与某个组织相关联,则无法删除该组织。Similarly, you can't delete a organization if another user has associated a subscription with it.

删除组织Delete the organization

  1. 使用一个其身份为组织全局管理员的帐户登录到 Azure 门户Sign in to the Azure portal with an account that is the Global Administrator for your organization.

  2. 选择“Azure Active Directory” 。Select Azure Active Directory.

  3. 切换到要删除的组织。Switch to the organization you want to delete.

    删除前确认组织

  4. 选择“删除租户”。Select Delete tenant.

    选择命令以删除组织

  5. 如果组织未通过一个或多个检查,系统会提供相关链接,介绍如何通过检查的详细信息。If your organization does not pass one or more checks, you're provided with a link to more information on how to pass. 通过所有检查后,请选择“删除”,此过程结束。After you pass all checks, select Delete to complete the process.

如果无法删除组织If you can't delete the organization

如果配置了 Azure AD 组织,你可能已为组织激活了基于许可证的订阅,例如 Azure AD Premium P2、Microsoft 365 商业标准版或企业移动性 + 安全性 E5。When you configured your Azure AD organization, you may have also activated license-based subscriptions for your organization like Azure AD Premium P2, Microsoft 365 Business Standard, or Enterprise Mobility + Security E5. 若要避免意外的数据丢失,在订阅被完全删除之前,无法删除组织。To avoid accidental data loss, you can't delete a organization until the subscriptions are fully deleted. 订阅必须处于“已取消预配”状态才能删除组织。The subscriptions must be in a Deprovisioned state to allow organization deletion. “已过期”或“已取消”订阅移动到“已禁用”状态后,最后一个阶段就是“已取消预配”状态 。An Expired or Canceled subscription moves to the Disabled state, and the final stage is the Deprovisioned state.

有关 Microsoft 365 订阅试用到期后需执行的操作(不包括付费合作伙伴/CSP、企业协议或批量许可),请参阅下表。For what to expect when a trial Microsoft 365 subscription expires (not including paid Partner/CSP, Enterprise Agreement, or Volume Licensing), see the following table. 如需深入了解 Microsoft 365 数据保留期和订阅生命周期,请参阅 Microsoft 365 商业版订阅结束后我的数据和访问会出现什么情况?For more information on Microsoft 365 data retention and subscription lifecycle, see What happens to my data and access when my Microsoft 365 for business subscription ends?.

订阅状态Subscription state 数据Data 对数据的访问Access to data
活动(30 天试用)Active (30 days for trial) 所有用户均可访问数据Data accessible to all 用户可正常访问 Microsoft 365 文件或应用Users have normal access to Microsoft 365 files, or apps
管理员可正常访问 Microsoft 365 管理中心和资源Admins have normal access to Microsoft 365 admin center and resources
已到期(30 天)Expired (30 days) 所有用户均可访问数据Data accessible to all 用户可正常访问 Microsoft 365 文件或应用Users have normal access to Microsoft 365 files, or apps
管理员可正常访问 Microsoft 365 管理中心和资源Admins have normal access to Microsoft 365 admin center and resources
已禁用(30 天)Disabled (30 days) 仅管理员可访问数据Data accessible to admin only 用户无法正常访问 Microsoft 365 文件或应用Users can’t access Microsoft 365 files, or apps
管理员可以访问 Microsoft 365 管理中心,但无法向用户分配许可证,也无法更新用户Admins can access the Microsoft 365 admin center but can’t assign licenses to or update users
已取消预配(禁用后 30 天)Deprovisioned (30 days after Disabled) 已删除数据(没有使用其他服务时自动删除)Data deleted (automatically deleted if no other services are in use) 用户无法正常访问 Microsoft 365 文件或应用Users can’t access Microsoft 365 files, or apps
管理员可以访问 Microsoft 365 管理中心以购买和管理其他订阅Admins can access the Microsoft 365 admin center to purchase and manage other subscriptions

我有一个影响删除的试用订阅I have a trial subscription that blocks deletion

对于 Power BI、Rights Management Services、Microsoft Power Apps 或 Dynamics 365 等自助服务注册产品,个人用户可通过 Microsoft 365 注册,这也会在 Azure AD 组织中创建来宾用户以用于身份验证。There are self-service sign-up products like Power BI, Rights Management Services, Microsoft Power Apps, or Dynamics 365, individual users can sign up via Microsoft 365, which also creates a guest user for authentication in your Azure AD organization. 这些自助服务产品会阻止删除目录,直到这些产品从组织中完全删除,以避免数据丢失。These self-service products block directory deletions until the products are fully deleted from the organization, to avoid data loss. 它们只能由 Azure AD 管理员删除,无论用户是单独注册还是分配了产品。They can be deleted only by the Azure AD admin whether the user signed up individually or was assigned the product.

自助服务注册产品的分配方式有两种:There are two types of self-service sign-up products in how they are assigned:

  • 组织级别分配:Azure AD 管理员会将产品分配到整个组织,用户可以使用此组织级别分配的服务,即使他们没有单独获得许可也无妨。Org-level assignment: An Azure AD admin assigns the product to the entire organization and a user can be actively using the service with this org-level assignment even if they are not licensed individually.
  • 用户级别分配:在自助服务注册期间,单个用户实际上是在没有管理员的情况下将产品分配给自己的。组织被管理员管理后,管理员就可以直接向用户分配产品,无需进行自助服务注册。User level assignment: An individual user during self-service sign-up essentially assigns the product to themselves without an admin. Once the organization becomes managed by an admin, then the admin can directly assign the product to users without self-service sign-up.

开始删除自助服务注册产品时,该操作将永久删除数据并删除用户对该服务的所有访问权限。When you begin the deletion of the self-service sign-up product, the action permanently deletes the data and removes all user access to the service. 然后,将阻止任何已单独分配产品/服务或组织级别的用户登录或访问任何现有数据。Any user that was assigned the offer individually or on the organization level is then blocked from signing in or accessing any existing data. 如果想要防止自助服务注册产品(如 Power BI 仪表板)的数据丢失,请确保将数据备份并保存到其他位置。If you want to prevent data loss with the self-service sign-up product like Power BI dashboards, ensure that the data is backed up and saved elsewhere.

若要详细了解当前可用的自助服务注册产品和服务,请参阅可用的自助服务计划For more information about currently available self-service sign-up products and services, see Available self-service programs.

有关 Microsoft 365 订阅试用到期后需执行的操作(不包括付费合作伙伴/CSP、企业协议或批量许可),请参阅下表。For what to expect when a trial Microsoft 365 subscription expires (not including paid Partner/CSP, Enterprise Agreement, or Volume Licensing), see the following table. 如需深入了解 Microsoft 365 数据保留期和订阅生命周期,请参阅 Microsoft 365 商业版订阅结束后我的数据和访问会出现什么情况?For more information on Microsoft 365 data retention and subscription lifecycle, see What happens to my data and access when my Microsoft 365 for business subscription ends?.

产品状态Product state 数据Data 对数据的访问Access to data
活动(30 天试用)Active (30 days for trial) 所有用户均可访问数据Data accessible to all 用户可正常访问自助服务注册产品、文件或应用Users have normal access to self-service sign-up product, files, or apps
管理员可正常访问 Microsoft 365 管理中心和资源Admins have normal access to Microsoft 365 admin center and resources
DeletedDeleted 数据已删除Data deleted 用户无法访问自助服务注册产品、文件或应用Users can’t access self-service sign-up product, files, or apps
管理员可以访问 Microsoft 365 管理中心以购买和管理其他订阅Admins can access the Microsoft 365 admin center to purchase and manage other subscriptions

如何在 Azure 门户中删除自助服务注册产品?How can I delete a self-service sign-up product in the Azure portal?

可以将自助服务注册产品(如 Power BI 或 Azure Rights Management Services)置于“删除”状态,以立即在 Azure AD 门户中将其删除。You can put a self-service sign-up product like Power BI or Azure Rights Management Services into a Delete state to be immediately deleted in the Azure AD portal.

  1. 使用组织中的全局管理员帐户登录到 Azure 门户Sign in to the Azure portal with an account that is a Global administrator in the organization. 如果尝试删除具有初始默认域 contoso.partner.onmschina.cn 的“Contoso”组织,请使用 UPN(例如 admin@contoso.partner.onmschina.cn)登录。If you are trying to delete the “Contoso” organization that has the initial default domain contoso.partner.onmschina.cn, sign on with a UPN such as admin@contoso.partner.onmschina.cn.

  2. 选择“许可证”,然后选择“自助服务注册产品”。Select Licenses , and then select Self-service sign-up products. 可以从基于席位的订阅中单独查看所有自助服务注册产品。You can see all the self-service sign-up products separately from the seat-based subscriptions. 选择要永久删除的产品。Choose the product you want to permanently delete. 下面是 Power BI 中的示例:Here's an example in Power BI:

    显示“许可证 - 自助服务注册产品”页面的屏幕截图。

  3. 选择“删除”以删除产品并接受数据立即删除且不可撤销的条款。Select Delete to delete the product and accept the terms that data is deleted immediately and irrevocably. 此删除操作将删除所有用户并将删除组织对该产品的访问权限。This delete action will remove all users and remove organization access to the product. 单击“是”以继续执行删除操作。Click Yes to move forward with the deletion.

    显示“许可证 - 自助服务注册产品”页面的屏幕截图,其中“删除自助服务注册产品”窗口处于打开状态。

  4. 如果选择“是”,将启动对自助服务产品的删除。When you select Yes , the deletion of the self-service product will be initiated. 会通知你正在执行删除操作。There is a notification that will tell you of the deletion in progress.

    显示“许可证 - 自助服务注册产品”页面的屏幕截图,其中显示了“正在进行删除”通知。

  5. 现在,自助服务注册产品状态已更改为“已删除”。Now the self-service sign-up product state has changed to Deleted. 刷新页面时,该产品应该已从“自助服务注册产品”页中删除。When you refresh the page, the product should be removed from the Self-service sign-up products page.

    显示“许可证 - 自助服务注册产品”页面的屏幕截图,其中右侧显示了“已删除自助服务注册产品”窗格。

  6. 删除所有产品后,可再次登录 Azure AD 管理中心,这里应没有必需的操作,也没有产品影响你删除组织。Once you have deleted all the products, you can sign back into the Azure AD admin center again and there should be no required action and no products blocking your organization deletion. 你应该可以成功删除 Azure AD 组织。You should be able to successfully delete your Azure AD organization.

    用户名键入错误或未找到

后续步骤Next steps

Azure Active Directory 文档Azure Active Directory documentation