We have a company DevOps organization that was created by me and I was the active owner, the ownership was transferred to an external developer to setup build and other settings for a project. The ownership remained in his name and he is not active on the project anymore.
When I try to access the site it shows that it was deleted and me as (Member) at the end. Is there any way to re-gain access to this organization and recover it?
The DevOps organization was never linked to our AD and was setup separately by my self, I have proof that I did the setup, and the organization name is our company name.
To recover a deleted organization in Azure DevOps, you need to meet the following requests:
An organization deleted within the last 28 days.
Organization Owner permissions to restore your organization.
To change the organization owner, you must be a Project Collection Administrator or an organization Owner. It seems you don't have these permissions, so you need to contact Azure DevOps Support.
Useful links:
https://learn.microsoft.com/en-us/azure/devops/organizations/accounts/recover-your-organization?view=azure-devops
https://learn.microsoft.com/en-us/azure/devops/organizations/accounts/change-organization-ownership?view=azure-devops
Related
This article describes the process of reclaiming an 'orphaned' Azure DevOps organization.
However, to be considered orphaned the organization must have no active administrators.
If your user is not a member of the organization, there appears to be no way to determine the members of the organization's Project Collection Administrators group (although there is a way to determine the organization owner).
Is there any way to reclaim an organization that is not orphaned, either because the owner is still active (but, say, unavailable) or because there are active (but unknown) users in the Project Collection Administrators group.
Is there any way to reclaim an organization that is not orphaned, either because the owner is still active (but, say, unavailable) or because there are active (but unknown) users in the Project Collection Administrators group.
If the organization is backed with AAD, you can still follow the doc "Assign owner to orphaned organization" to claim back the organization owner when the Owner/PCA is unavailable.
You can disable sign in the owner&Project collection administrator account from Azure portal, then the DevOps admin user can find the claim ownership button when access the Organization.
Or you can submit a support ticket on azure portal or Community forum to ask for support help.
Set approval process to delete any project/repos of Azure DevOps(ADO).
I have multiple owners in my private Azure Devops. From the docs it appears that any individual owner/users can go rogue and delete the entire Azure project/repo from existence though i know it can be restore easily in Azure devops within 28 days, But still I'd like to prevent that from happening.
Is there any way to set up Azure Devops user/group permissions such that deleting the repo requires the approval of its owners ? Kindly suggest if I missed the Azure docs if this feature is already there ?
Making myself the sole owner is not a viable solution, as I want to prevent myself (or an unauthorised user of my account) from having this power, too. So need to implement the approval process for this.
From below SS you can see it is not expecting any approval while deleting the whole project.
I'm afraid there is no such feature to approve delete request. However, you can set the delete permission of users to deny.
Project:
If you want to delete a project, you must be a member of the Project Collection Administrators group or have the Delete team project permission set to Allow.
You can set this permission to deny if you don’t want other users to delete the project. Members in Project Administrators Group can manage permissions or groups at the project level and their delete project permission is allow by default.
Repositories:
You can set the delete repository permission of users to deny.
In addition, for most groups and almost all permissions, Deny overrides Allow. For members of the Project Collection Administrators or Team Foundation Administrators groups, Deny doesn't trump Allow.
Unfortunately, you read correctly. There isn't a way to require approval prior to repo deletion.
However, what you can do is create a group of users that you would want to be prevented from deleting repos and update the repo permissions to include an explicit deny for the "Delete Repository" permission:
I disconnected my organization from Azure Active Directory and now it's missing from both my Microsoft account and this AAD.
It also didn't appear in recently deleted organizations.
It is still existing somewhere because I cannot create organization with the same name.
Before disconnecting it I double-checked that I am the owner of organization and it should remain on my account.
Lost organization after disconnecting it from Azure Active Directory
I had the same issue once, that was because I did not meet the prerequisites for disconnecting from AAD.
You could check if you meet the prerequisites for disconnecting from AAD based on this document:
Disconnect your organization from Azure Active Directory
Before you disconnect your organization from your directory, make
sure to change the organization Owner to a Microsoft account and not
to a school or work account. You can't sign in to your organization
unless your work or school account has the same email address as your
Microsoft account.
Add your Microsoft account to the Project Collection Administrator
group in Organization Settings and confirm that you have Global
Administrator Permissions in your Azure AD for your Microsoft
account. You need both because Azure AD users can't disconnect
organizations from directories. You can add Microsoft accounts to a
directory as external users.
As workaround, please try to access https://aex.dev.azure.com/ and change domain to see if your organization lists here:
Hope this helps.
I want to have a list off all the organizations within one subscription.
Some people have made their own organizations and i can see them
You can download a complete list of organizations backed by an Azure Active Directory (Azure AD) tenant. Check the following link:
https://learn.microsoft.com/en-us/azure/devops/organizations/accounts/get-list-of-organizations-connected-to-azure-active-directory?view=azure-devops
Using any organization backed by your Azure AD, complete the following
steps.
Sign in to your organization (https://dev.azure.com/{yourorganization}).
Select Organization settings.
Select Azure Active Directory, and then Download.
I have created an organization on Azure DevOps with my email id ( created by me) which is the same as my email id associated with my azure subscription.
I want to create an organization with the name and URL what I created with my personal account in Microsoft associated account.
I deleted one which I created and tried creating by login as a Work Account, however, I get an error organization already exits.
How can I get it resolved?
Azure DevOps can be linked to an Azure Active Directory. In your situation, I strongly suggest you do the following steps to link it and transfer the ownership to your work account:
Make sure you can fully control both your work account and your personal Microsoft account.
Link your existing Azure DevOps organization to your Azure Active Directory.
Add your work account as an administrator in your Azure DevOps organization.
Transfer the ownership of the organization to your work account.
Kick your personal account out.
Here are some tips:
You can link existing Azure Active Directory like this:
You can change the ownership of your Azure DevOps organization like this:
Backup solution
Of course, you can delete the entire Azure DevOps organization and recreate it. To delete it, make sure all your data is safe. And press the Delete button in the Overview settings.
After deleting it and you can re-create a new organization with the same name using your work account.