Try our new research platform with insights from 80,000+ expert users

AWS Directory Service vs Microsoft Entra ID comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Dec 2, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

AWS Directory Service
Ranking in Identity and Access Management as a Service (IDaaS) (IAMaaS)
16th
Average Rating
8.6
Reviews Sentiment
7.3
Number of Reviews
15
Ranking in other categories
No ranking in other categories
Microsoft Entra ID
Ranking in Identity and Access Management as a Service (IDaaS) (IAMaaS)
1st
Average Rating
8.6
Reviews Sentiment
7.1
Number of Reviews
225
Ranking in other categories
Single Sign-On (SSO) (1st), Authentication Systems (1st), Identity Management (IM) (1st), Access Management (1st), Microsoft Security Suite (2nd)
 

Mindshare comparison

As of April 2025, in the Identity and Access Management as a Service (IDaaS) (IAMaaS) category, the mindshare of AWS Directory Service is 1.8%, down from 2.5% compared to the previous year. The mindshare of Microsoft Entra ID is 28.4%, down from 29.0% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Identity and Access Management as a Service (IDaaS) (IAMaaS)
 

Featured Reviews

Basa Saiteja - PeerSpot reviewer
A valuable access management system with a user-friendly and straightforward setup
The solution is scalable, and we can scale according to our needs. I rate the scalability a nine out of ten. In our organization, our access to our AWS comes from IAM. We use AWS consoles using our credentials and don't have route access, so each person will log in through our IAM programmatic access, and everyone on our team can work on cloud. Over 10,000 people in our organization utilize the solution.
Aaron Liang - PeerSpot reviewer
Has significantly improved secure access to applications and resources in our environment
Microsoft Entra ID has helped by simplifying our management of permissions for APIs. We are not directly exposing credentials, as we use tokens instead. It has made management easier and more secure, especially in a multi-user environment. The implementation of Microsoft Entra ID significantly improved secure access to applications and resources in our environment, primarily through the widespread use of single-sign-on. Managing API permissions became much easier, as application registration often involves calling an API to utilize services without directly exposing credentials, relying instead on token-based authentication. This streamlined approach benefits end-users by simplifying access while remaining transparent to them. Ultimately, my role focuses on ensuring a smooth and user-friendly experience, even if the underlying technology remains unseen by the end-users. Our company strongly emphasizes passwordless authentication, primarily through device-bound passkeys in Microsoft Authenticator. While administrators with high-privileged accounts utilize YubiKeys and passwords for tasks like accessing Microsoft Graph, we are actively transitioning all other users towards passwordless methods such as Windows Hello biometrics. This approach streamlines authentication and enhances security. Though initial deployment in 2022 presented challenges due to hardware limitations and the lingering effects of the COVID-19 pandemic, the technology has significantly improved and provides a simple and effective user experience.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"We like the fact that it's got such great redundancy."
"The solution integrates well with other tools, particularly through single sign-on, allowing users to connect to various applications using just one password, including email."
"AWS handles everything on the backend requiring minimal legwork from our team. We only require a dedicated database administrator while depending on Amazon for RDS."
"I would rate AWS Directory Service nine out of ten."
"AWS has eliminated the downtime we waste when our on-premises resources go down."
"The most valuable feature of AWS Directory Service is cost-cutting features."
"The most valuable feature is ease of use."
"The AD Connector is very good and easy to implement."
"We have the ability to define the email user in the designated field."
"I like the way it communicates to the cloud."
"It enhanced our end user experience quite a bit. Instead of the days of having to contact the service desk with challenges for choosing their password, users can go in and do it themselves locally, regardless of where they are in the world. This has certainly made it a better experience accessing their applications. Previously, a lot of times, they had to remember multiple usernames and passwords for different systems. This solution brings it all together, using a single sign-on experience."
"It's very user-friendly for users."
"It is a central point where we provide the cloud lock-in for our company. We focus the multi-factor authentication within Azure AD before jumping to other clouds or software as a service offerings. So, it is the central point when you need to access something for our company within the cloud. You go to Azure AD and can authenticate there, then you move from there to the target destination or the single sign-on."
"The most valuable feature of this solution is that is easy to use."
"Microsoft Entra ID efficiently responds to numerous requests, and we have not faced significant connectivity issues, making it reliable."
"We have a complex scenario with several applications, and we're trying to achieve SSO for most of our applications, but some of our legacy applications don't support SSO or modern protocols. Our core applications are ready for SSO or to be federated. We've centralized our authentication process using Entra ID, so we can collect sign-offs from the users and filter using conditional access."
 

Cons

"The AWS Directory Service should be easier to integrate."
"I've encountered challenges, particularly with Amazon WorkDocs, which is being deprecated. This has made it necessary to find an alternative document management solution that can handle editing, sharing, and workflow management for documents like Word files and PDFs."
"Can be improved by including on-premises access for services through Identity Access Management."
"AWS Directory Service needs to improve processing."
"We had a problem with the schema uploading and setting up the directory when we are migrating our users from on-premises to cloud infrastructure."
"Our only complaint is that you cannot integrate your Exchange server. Or, if you are planning to install an Exchange server on your Amazon EC2 instance, then you need to configure Active Directory on EC2 instance. We would like for this limitation to be lifted."
"The group policy can be improved."
"To get CloudWatch to monitor your memory and storage, you have to do some configuration within your server, which sometimes results in errors."
"Microsoft Authenticator is as easy as Google Authenticator, but it is not open to all types of applications. Google Authenticator is integrated with other third-party platforms and applications, whereas Microsoft Authenticator is not. It should have more integration with third-party platforms and applications."
"Customers should be informed that public review features are not intended for production use."
"They have had a few outages, so stability is a little bit of an issue. It is global. That is the thing. I know some of the other competitors are regionalized ID platforms, but Entra ID is global, so when something goes wrong, it is a problem because it underpins everything, whether you are logging in to M365 or you have single sign-on to Azure, Autopilot, Intune, Exchange mailbox or another application. If there is a problem with Entra ID, all of that falls apart, so its great strength and weakness is the global single tenant for it. Stability is a key area for me. Otherwise, it is generally pretty good."
"I want better integration between Azure AD and the on-prem environment because there are currently limitations that can hamper employee experience. We use a feature called password writeback, that can be challenging to implement in a hybrid environment. Employees can change their passwords using a self-service password reset (SSPR) feature, which reflects from the cloud to the on-prem identity, but not the other way around. Currently, there is no way to reflect passwords from on-prem identities to the cloud."
"From time to time it takes a little bit of time to replicate, with some of the applications—something like five to 10 minutes. I know that the design is not supposed to enable real-time replication with some of the applications. But, as an administrator, I would like to run a specific change or modification in Azure Active Directory and see it replicated almost immediately."
"I haven't had any issues with the product."
"It would be awesome to have a feature where you can see the permissions of a user in all their Azure subscriptions. Right now, you have to select a user, then you have to select the subscription to see which permissions the user has in their selected subscriptions. Sometimes, you just want to know, "Does that user have any permissions in any subscriptions?" That would be awesome if that would be available via the portal."
"Microsoft's technical support has shortcomings where improvements are required."
 

Pricing and Cost Advice

"We pay an annual subscription fee."
"The pricing is reasonable."
"The pricing depends because with AWS there are two types of directory objects: 30,000 and 500,000. It varies. AWS provides the pricing calculators so we can get an estimate from there as per the company requirement of how many users and objects that we need to create. So we can go to that portal, put in the data, and get the quotation. There are no extra licensing fees. It's all included."
"AWS' pricing is fair, and costs can be cut if you look carefully at when you're using it."
"Compared to other Microsoft products, the cost is not too expensive. There's a free tier available, though it doesn't include all features. Overall, it's well-priced."
"The pricing of Azure Active Directory is competitive. By default, the product exists in almost every Microsoft cloud product. But it then depends on the features that a customer really wants to make use of."
"Licensing fees are paid on a monthly basis and the cost depends on the number of users."
"The licensing model is straightforward. I don't think there are any issues with the E3 license or E5 license."
"It is in line. Because we are so early, we have not had to come back on a cycle where we are having to negotiate again."
"The E5 plan we are using contains the premium plans for Azure Active Directory. We are not paying only for the Azure Active Directory Premium licenses. We have it already included within our E5 plan."
"It is not too expensive."
"Entra's pricing is somewhat higher compared to AWS."
report
Use our free recommendation engine to learn which Identity and Access Management as a Service (IDaaS) (IAMaaS) solutions are best for your needs.
849,190 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
17%
Financial Services Firm
10%
Healthcare Company
10%
Manufacturing Company
7%
Educational Organization
31%
Computer Software Company
10%
Financial Services Firm
9%
Manufacturing Company
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about AWS Directory Service?
The most valuable feature of AWS Directory Service is cost-cutting features.
What is your experience regarding pricing and costs for AWS Directory Service?
The pricing is very good because it is low and there is no management cost. You do not need to hire any system administrator to manage your Active Directory.
What needs improvement with AWS Directory Service?
Accessing the data needs improvement. Additionally, integration and compatibility with other AWS ( /products/amazon-aws-reviews ) services, network open LDAP, support for on-premise and cloud envir...
How does Duo Security compare with Microsoft Authenticator?
We switched to Duo Security for identity verification. We’d been using a competitor but got the chance to evaluate Duo for 30 days, and we could not be happier. Duo Security is easy to configure a...
What do you like most about Azure Active Directory?
It is very simple. The Active Directory functions are very easy for us. Its integration with anything is very easy. We can easily do third-party multifactor authentication.
What is your experience regarding pricing and costs for Azure Active Directory?
Microsoft Entra ID is reportedly quite expensive for each user regarding security features. The renewal cost is particularly high according to the teams managing purchases.
 

Also Known As

AWS Managed Microsoft AD
Azure AD, Azure Active Directory, Azure Active Directory, Microsoft Authenticator
 

Interactive Demo

 

Overview

 

Sample Customers

Expedia, Intuit, Royal Dutch Shell, Brooks Brothers
Microsoft Entre ID is trusted by companies of all sizes and industries including Walmart, Zscaler, Uniper, Amtrak, monday.com, and more.
Find out what your peers are saying about AWS Directory Service vs. Microsoft Entra ID and other solutions. Updated: April 2025.
849,190 professionals have used our research since 2012.