WingNews logo WingNews
top | item 32382389

(no title)

dailen | 3 years ago

I posted this on their reddit shortly ago. It's not only sensationalized, I'm gonna guess the knew part of this prior to writing the article. It's easy enough to resolve, you re-verify the domain (assuming they don't know which account was used originally) then you decomission the domain from Microsoft services. Frees it up to be used again bc it's no longer considered a managed organization's domain.

=================================

I work for an IT MSP and can attest what you're seeing is by design and occurs for a technical reason and is a security feature by Microsoft as a means of an organization controlling who can and cannot register accounts claiming to be from an organization or is not.

This means that someone created a Microsoft organization (business) account and verified the domain tutanota.com. Once this is done no one can register a personal account.

On the technical side, Microsoft has Teams highly integrated with Exchange Online. When there manages to be both a business org and personal accounts with the same domain, Microsoft services get tricky. When you "share a file" with someone it may not make it to your account. Could be because it tried to send it to the business org but it didn't find an account so it just fails and the recipient never gets anything. Causes all sorts of problems across the board and sometimes we have to go finding all the personal accounts using the company domain and change the email associated with the personal account.

When you are troubleshooting this, there's two ways to login to Microsoft really, the business/organization side or the consumer/personal side. Now if you happen to be on both by registering for a personal Microsoft acct prior to the organization verifying its domain, then some parts of Microsoft's sites/services make some assumptions as to which one you probably want. To rule out account confusion, I go to https://myworkaccount.microsoft.com or https://account.microsoft.com and login with the appropriate account.

If Tutanota does not using Microsoft for any sort of organizational management, Microsoft single sign on, Azure services, etc, then just contact their customer service to tell them that the domain was verified but you can't find the account associated. They may ask you to do your own verification by adding a txt record. Once you have control of the verified domain, you can go through a process to completely remove the domain from Microsoft services.

discuss

order

No comments yet.