Scroll to top

Our Blog

How to Set Up Microsoft Entra ID Free Tier for Small Business Identity Management on Windows 10/11

Wondering how to set up Microsoft Entra ID Free Tier to manage users, devices, and access for your small business? This step-by-step guide shows you exactly how to get started using Windows 10 or 11 Pro devices and cloud identity. No Microsoft 365 subscription required.

This guide also highlights a common administrator login issue you’ll want to avoid, and explains the best practices for secure user and device management.

Step 1: Create Your Azure Account

  1. Visit the Azure free trial page
  2. Sign up with a Microsoft Account (e.g. yourname@outlook.com)
  3. Verify your phone number and add payment method details (you won’t be charged)

Step 2: Avoid This Common Admin Mistake

The Microsoft Account used to create Azure becomes a Global Administrator in your Entra ID tenant. However, it’s a federated identity, which cannot be used to join Windows devices to Entra ID.

If you try to join a device with this account, you may see this error in the sign-in logs:

  • Error Code: 50126
  • Source: Microsoft Authentication Broker
  • Reason: Incorrect username or password (even when entered correctly)

Solution: After setup, create a native Entra ID user (e.g. admin@yourdomain.co.uk) and assign it the Global Administrator role. Use this account for device joins and ongoing management.

Step 3: Access Microsoft Entra ID

  • Login to the Azure Portal
  • Open "Microsoft Entra ID" from the left-hand menu or search bar

Step 4: Add and Verify Your Domain

  • Go to Entra ID > Custom domain names
  • Click "Add custom domain" and enter your business domain (e.g. yourcompany.co.uk)
  • Add the required TXT record to your DNS provider
  • Click "Verify" once the record has propagated

Step 5: Create Users and Groups

Create Users

  • Go to Entra ID > Users > + New user
  • Example: jdoe@yourdomain.co.uk, with a temporary password

Create Groups

  • Go to Entra ID > Groups > + New group
  • Example groups: MarketingTeam, FinanceUsers, ITAdmins

Step 6: Join Windows Devices to Microsoft Entra ID

  1. On the device, go to Settings > Accounts > Access work or school > Connect
  2. Select "Join this device to Azure Active Directory"
  3. Enter credentials for a native Entra ID user
  4. Restart the device to complete the join

Best Practice: Don’t Use Global Admin for Day-to-Day Work

  • Reserve Global Administrator access for initial setup and emergencies
  • Use the Device Administrator role for joining devices
  • Allow users to join their own devices, using policy controls where appropriate

What’s Included in Microsoft Entra ID Free Tier?

Feature Included?
User and Group Management Yes
Windows 10/11 Device Join Yes
Multi-Factor Authentication (Basic) Yes
Single Sign-On (up to 10 SaaS apps) Yes
Conditional Access / Custom Branding No (Requires Entra ID P1)

Bonus: SSO Add-On Guide

Want to connect apps like Google Workspace, Dropbox, or Zoho to Microsoft Entra ID?

You can download our full Microsoft Entra ID Setup & SSO Guide (PDF) <-- Here.

Next in This Series

Contact Us
info@hybrid-it.co.uk
About Us

Hybrid IT Services provides professional computer repairs, IT support, and consultancy services to homes and businesses across Northumberland and Newcastle upon Tyne.

Update cookies preferences