Each Entra ID tenant (or directory) is managed as an independent resource. There is no parent- child relation between directories, although users from one directory can be invited to another directory through Entra External Identities features.
Because each tenant is an independent resource, directories can be created and deleted as needed. This also means that each directory can have independent administrators and role assignments. Deleting an existing directory can affect resources outside the directory. For example, when deleting a directory where external users are present, those users will no longer be able to access any applications or resources that have been shared with them.
Finally, each directory can be synchronized independently as well. This means if you have two domains on-premises that need to be synchronized to two different Entra ID tenants, you have the flexibility you need when implementing hybrid identity with Entra.
Managing directories can include deleting directories or even an entire Entra ID tenant. To delete a tenant, Global Administrator rights are required. When a directory is deleted, all the resources or objects within that directory are deleted as well.
There are several prerequisites that must be satisfied prior to deleting a directory:
- There are no existing users or groups except for the single global admin.
- There are no enterprise application registrations in the directory.
- No MFA providers are linked to the directory.
- There are no subscriptions for Azure, Microsoft 365, or other Microsoft SaaS services associated with the directory.