A user has a personal Microsoft account (MSA) using their work email address (e.g., userid@example.com), which conflicts with the organization's M365 tenant where example.com is a verified domain. This causes "Work or school account?" prompts and prevents using the work email as the M365 sign-in.
- User has an alternate email address they control (e.g., Gmail, Yahoo)
- Admin access to M365 tenant
- Your domain (example.com) is already a verified domain on the tenant
- Sign into the personal MSA at account.live.com/names/manage
- Add a new alias (their personal Gmail, Yahoo, etc.)
- Verify the new alias via the confirmation email
- Set the new alias as primary
- Remove the work email address (e.g., userid@example.com) from the account
Store purchases, Visual Studio subscriptions, and other MSA-linked assets remain intact—they follow the account, not the alias.
- Sign into admin.microsoft.com
- Go to Users → Active users → select the user
- Add the released email as an alias (Manage email aliases)
- Optionally, set it as the primary username/UPN
- Sign out of Teams completely, then sign back in with the new identity. Teams may show a stale cached entry for the old account—ignore it and sign into the correct account.
- Reboot Windows devices to clear cached credentials.
- Sysadmin should work with the user to verify all M365 services are authenticating correctly (Outlook, OneDrive, SharePoint, etc.). Expect some re-authentication prompts.
- The .onmicrosoft.com address (e.g., userid@example.onmicrosoft.com) is retained automatically and cannot be removed
- OneDrive URLs retain the original UPN structure (cosmetic only)
- Some apps may retain stale account entries in their picker UI even after successful migration