Partner Sales Connect (Connect) uses Azure Active Directory (Azure AD) for user authentication. If you have Azure AD, Office 365, or Dynamics CRM subscriptions this document will help you determine if your company has Azure AD configured correctly and explain how to establish a new Azure AD tenant if required.
Office 365 and Dynamics CRM subscriptions establish an Azure AD tenant as part of the setup for these subscriptions. Please refer to the Office 365 section in this document for information on adding/removing users, configuring the Active Directory integration, or understanding more about Azure AD and Office 365 integration.
- Start your browser of choice and go to: https://partnersales.microsoft.com
- Depending on your browser configuration, Connect will automatically use your current credentials (email address and password). Otherwise, you will be prompted to enter the email address and password you use at your company (not your personal Microsoft account).
- After performing the tests below, if you need to sign in using different credentials, please start a new private browsing session (for example, InPrivate, Incognito, and Private Browsing) for Connect to always prompt you for your credentials.
Note—for Microsoft P-Sellers: If you are part of the Microsoft P-Seller program and you received a microsoft.com alias, you cannot use this alias for Connect because it is not associated with your company. Follow the instructions above, using your company credentials.
The goal of these tests is to confirm that your Azure AD account is set up correctly. The following instructions provide detailed troubleshooting steps based on error messages that you might see after entering your credentials after Connect starts
- After signing in, Connect checks whether you have an authorized partner account at Microsoft. If you see the following message, your Azure Active Directory is set up correctly—provide this email address to your Microsoft contact to configure your sign-in credentials.
Note: If your email address listed in this error message—as shown in the example, below—has a live.com# prefix, this means that the partner email address is linked to a personal Microsoft Account (that is, Live.com, Hotmail.com, or Outlook.com).
- To fix this problem, you’ll need to rename or unlink your company email address from your personal Microsoft account. See https://support.microsoft.com/help/11545/microsoft-account-rename-your-personal-account, on the Microsoft Support site to learn how.
- If you’ve signed in successfully, and this is your first time using Connect with these credentials, you’ll need to provide permission for Connect to read your profile.
- After your configuration has completed, the next time you sign in, you will see the Connect dashboard and will be ready to work in the system.
- When you sign in, if you see a screen asking "Which account do you want to use?", it means that you have two accounts with Microsoft using the same email address:
- A “Work or school” account, which probably was created by your IT department
- A “personal” account, which you probably created yourself
You can resolve this problem by renaming your personal account, which means using a different email address to sign in to it. Doing this is safe. You’re only changing the way you sign in to your account, and it won’t impact any of the data associated with it. Follow the instructions in this article: https://support.microsoft.com/help/11545/microsoft-account-rename-your-personal-account.
If you see a “bad request” message, you may have entered a Microsoft Live ID or some other credentials instead of your company credentials. Repeat the sign-in instructions using your company credentials instead, or follow the instructions in the Establish Azure AD for your Organization section to establish Azure AD for your organization.
Note: If you see a “…isn’t in our system” message, this means that your email address isn’t set up for Azure AD or Live ID. Be sure you ignore the instructions on the screen about getting a new Microsoft account, as this will create a new personal Microsoft account. Connect requires a connection to an Azure AD organization that can be established by following the following instructions. See the Establish Azure AD for your Organization section to learn more.
If you do not have a valid Azure AD account, Office 365, or Dynamics CRM subscriptions, your organization will need to establish a new Azure AD tenant. You should first check with your IT team—they might ask you to use a different Azure AD account instead of your standard email address. If your organization needs to create a new Azure AD tenant, follow these procedures and then repeat the process, above, using your account.
Skip to the Information for Office 365 or Dynamics CRM subscription holders section if you have one of these subscription types.
- Follow the steps in the following link to setup a new Azure AD tenant: https://account.windowsazure.com/organization.
- In the DOMAIN NAME field, enter your company domain name without the “.com” portion. As an example, you’d enter Contoso for Contoso.com
- Add users for each unique Connect account.
- Provide this information to Microsoft to configure your credentials.
If you see an error message saying that the domain name is already taken, check with your IT department— it is possible that an Azure tenant is already set up. Once you confirm a tenant does not exist, try a slightly different name, such as Contoso2. The domain name that’s created is a placeholder until you complete the Azure AD Configuration to integrate your company’s Active Directory with the Azure AD tenant.
Note: establishing a new Azure AD account may require you to create an Azure account if you have not signed up for Azure before. You’ll start with a free trial, which will convert to a Pay-As-You go subscription at the end of the trial. Azure does require a Credit Card to create the trial account, however, using Azure AD only with Connect has no cost. If you decide to take advantage of other Azure features or services, you may be charged for their usage. A comparison of Azure AD pricing can be found here: https://azure.microsoft.com/en-gb/pricing/details/active-directory/.
You can learn more about how Office 365 and Azure AD interact in this article: https://support.office.com/article/Understanding-Office-365-identity-and-Azure-Active-Directory
To add or remove users to your Office 365 Azure AD configuration please refer to this article: https://support.office.com/article/Add-users-individually-to-Office-365-Admin-Help
After the users have been added, please contact your Microsoft representative.
Completing your Azure AD Configuration
This requires domain administrator privileges. If you’d like to learn more about Azure AD, you can read this MSDN article: https://msdn.microsoft.com/library/azure/jj573650.aspx
Or, you can watch the What is Azure AD video:https://channel9.msdn.com/Series/Windows-Azure-Active-Directory
You can improve the experience for your users by associating your Azure AD tenant with your company domain and email. Instructions for adding your email address domain are in Azure AD, in the “Set Up Directory” section. Be sure to complete at least Step 1: “Improve user sign-in experience.”
You can integrate your Azure AD tenant with your local directory to synchronize your passwords and other information. This is the recommended approach. Instructions to integrate with your local directory are in Azure AD, in the “Set Up Directory” section.
Provide the email address associated with each user in Azure AD that you want to have access to connect to Microsoft. Your Microsoft representative will us this information to configure your access.
Note: Using the Contact Microsoft Support button requires you to login into the MPN site using a valid Microsoft Partner Network login. If you do not have a valid Microsoft Partner Network login or are having problems logging in to MPN, you can get more information or assistance from the MPN Support site.