Teams Allows Any User To Hijack and Lock Domain With No Recourse
Someone, at some point in time, registered a teams account under our company domain. As a result, they are the "admin" with no verification that they own the domain, just that they have an email on the domain.
Now, no one from our domain can create a teams account, they receive an error on account creation saying someone else is the admin on this domain and can invite them, hard stop. Error does not say who this "admin" might be. MS support says there is no way to know who this "admin" might be, even internally at MS. We have hundreds of employees with company email accounts. This is a massive flaw/security issue that a single person with an email address on a domain can claim ownership without verification, and with no ability for MS to actually identify which account this might be.