I previously created (successfully) a Windows Azure Active Directory, added a custom domain, and configured it for both single sign-on and directory synchronization using an on-premise ADFS2.0 server. So far so good.
Having realised I should have attached the custom domain to an existing WAAD rather than the new one, I then decided to delete the new one. To ensure there was no risk of deleting any objects in the on-premise AD, I first deleted the trust relationship on our on-premise ADFS server.
Unfortunately, this has now left me in a situation where I'm unable to use the Azure Active Directory PowerShell cmdlets to manage the WAAD - Connect-MSOLService either returns "Exception of type 'Microsoft.Online.Administration.Automation.MicrosoftOnlineException' was thrown." if I use the Microsoft Account credentials of the subscription owner (but where the email address happens to be on the same domain as the custom domain I added), or "The user name or password is incorrect. Verify your user name, and then try again" if I use the credentials of another Global Administrator of that directory with an email address not on the custom domain.
Both sets of credentials allow logging in to the portal successfully.
Unfortunately I can't now delete the WAAD, because it contains objects - and without PowerShell access, I don't believe I can bulk delete the ~500 users and groups that got sync'd from on-premise before deleting the trust.
Any idea how I can either recover the trust relationship, connect successfully with PowerShell, or delete the unwanted directory?
Many thanks!