How to add new users or users with Microsoft accounts to Azure AD and subscription?
Well you can add user with different domain email id (guest) or another option is you can create user with azure domain suffix. adding user with 3rd party suffix(non azure verified domain) may add user as guest in azure ad.
Lets go ahead with add user wizard.
step 1 – Log in to azure portal with global admin user -> go to azure active directory -> click on add user
Step 2 – enter all required detail and user name end with your microsoft domain suffix, in my case it is “arunsabaleatos.onmicrosoft.com”. Also make sure that you ser the directory role and copy the password as well because azure generate password while creating new user. then click on create button
step 3 – if in case you forget to assign directory role and you may want to change the directory role then go to azure AD -> all users -> click on user name -> click on directory role – > now you will be able to add whatever role you want. if you dont want user to perform any action like creating new user , managing user, exchange admin, billing then its better to assign “user” role or again “guest invite” under “limited administrator”
So far we have just created user, now the main part is to add permission on subscription so that user can create any resources in azure subscription.