Microsoft Active Directory Reviews

Active Directory has been a valuable tool throughout my career in IT. We have not found anything that can compete with it in terms of functionality or solutions. With Active Directory, we can manage users, groups, and machines, add domains and forests and create trust relationships between domains. This is just a small sampling of what Active Directory can do. Windows Server is a great platform on which Active Directory is built.

The solution helped us create and modify objects for each user in our environment. We gave them the delegation and permission they needed based on their function. It was very helpful, especially in managing these users on each site. We were able to implement domain controllers as a primary and additional domain controller as a redundancy for each other. We were also able to create users and additional UUs. It depends on the departments, the business need, and the group policies that we are going to apply.

We can delegate the administration of Active Directory objects and apply group policies to groups of OUs. This is the best way to manage Active Directory. We can also have separate domain controllers in different Active Directory sites based on their location. We manage replication between sites through Active Directory sites and services. We can provide insight into what is being done, which will replicate across these domain controllers in just a few seconds. This will ensure that our data or any modifications, any creations have been replicated successfully to the other domain controllers.

There is no room for improvement because Microsoft's solutions have moved from on-prem to the cloud. We won't see any improvement or enhancement in these on-prem solutions because, according to the Microsoft websites, all the information related to Active Directory and Windows Server has been retired and there is no more information about it. Microsoft has discontinued the solution and moved on. Microsoft has verified that all on-prem solutions will stop receiving support by 2030. 

The GUI has been the same from 2012 to 2016, and from 2019 to 2022. If Microsoft is going to add anything to the on-prem solution, it should be an updated GUI. 

I have been using the solution for six years.

I give the stability a nine out of ten.

I give the scalability a nine out of ten.

The Microsoft Support team often lacks the ability to provide timely support. Their response time is often slow, which can be frustrating for customers.

Neutral

The initial setup is straightforward. I am very familiar with the solution and the setup is a piece of cake. 

I give the ease of setup a ten out of ten.

I have seen a return on investment with the solution.

I give the solution a ten out of ten.

We need to know how many domain controllers we require in our environment in order to create a primary and redundant domain controller. Additionally, we need to follow a naming convention to avoid duplicate users and misspellings. The number and size of RAMs needed for our Active Directory will depend on our workload. We need to design our Active Directory well to ensure a good experience.

I find the product makes it easier to enhance various tools with Microsoft Active Directory. Active Directory can be either on-premises and can also synchronize with the online version of Microsoft Entra.

I find the solution very useful. I can control all the devices in my domain by just changing the group policies in one place.

Perhaps the synchronization could be simpler and more controllable. There are some features that need improvements in terms of ease of use and frequency of updates.

I have used the solution for ten years.

As I said before, there are some things that can be done to improve the integration, mostly with other solutions.

I have never used technical support. I like to solve my own problems.

Neutral

I have always used Spitterest.

I find the setup straightforward, except if I want to make some customizations, it becomes more complicated.

Implementation is done in-house.

I do see a return on investment with this solution.

I'd rate the solution nine out of ten. I find the solution clear.

We are still on a hybrid environment where we have Azure Directory on-premises, and sync it up to Microsoft.

The password policy helps enforce security protocols by requiring complex passwords and frequent password changes. Additionally, we do not allow users to reuse their last twelve passwords.

The features that I found most effective are the group policies. They allow us to set password policies and other specific setups in the end-user object.

The challenges everyone now has in mind is how to really migrate fully to the cloud. Many companies face both technical and cost-related challenges when moving from on-premise Active Directory to Microsoft Intra. Additionally, not all features available on-premises, such as the RADIUS server, are available in the cloud, necessitating alternative solutions. Moreover, the cost of migrating to the cloud is a significant hurdle due to the yearly subscription fees.

I have been using the solution for around ten years.

We have no complaints regarding the stability of the solution. I would rate the stability nine out of ten.

I rate the scalability a seven out of ten. There are many dependent objects to check, such as compatibility of RADIUS servers, which require time and technical checks.

I have contacted Microsoft support before. The experience can vary; sometimes it is good, and other times it is bad. Much depends on the help desk. My rating for tech support is five out of ten. 

One recommendation for improvement is that support should correspond with the preferred mode of communication indicated in the ticket. Additionally, they should be aware of user time zones to avoid calling at inconvenient times.

Neutral

I have used Microsoft Active Directory and Google.

I have seen value in using Microsoft Active Directory. While it may not return a direct financial ROI, it is a critical part of our infrastructure alongside other solutions like Google Directory.

Microsoft Active Directory can be a suitable choice if you want a suite of Microsoft products like PowerPoint and other Office tools. However, the choice between Google and Microsoft depends on the company's nature of business.

I'd rate the solution eight out of ten. 

Commonly, we engage in three key use cases. The first involves upgrading customer’s outdated directories like 2008 or 2012 to newer versions for improved structure. The second revolves around creating a hybrid setup with Office or Azure cloud, aiming for single sign-on across both. Lastly, we often tackle restructuring situations due to mergers or acquisitions, where directory structures must be unified into a shared infrastructure. These are the typical scenarios we handle in our projects.

One noteworthy aspect we discovered is the ability to exercise tight control over systems, specifically Windows PCs. This pertains to the management of policies, usage patterns, and user access on these devices, particularly within the framework of Active Directory which is extremely well thought. This actually works better with on-premises solutions. However, as the global trend shifts towards cloud and hybrid environments, Active Directory and its use is diminishing. Yet, it hasn't entirely lost its relevance and remains a presence that cannot be entirely disregarded.      

Typically, it depends on the customer's situation. If the customer operates in smaller locations where most PCs are in a common location, we usually aim to consolidate the directory infrastructure for easier maintenance. However, for distributed setups spanning multiple countries, configuring multiple sites becomes necessary and more intricate to handle. Our objective is to minimize the number of sites, simplifying operations for IT administrators and reducing errors. Mistakes in Active Directory can be costly for organizations, as disruptions can occur rapidly.

Moreover, when it comes to hybrid single sign-on across various applications, Microsoft hasn't put forth significant effort. Single sign-on has become a challenge for many customers who utilize diverse solutions beyond Microsoft products. While implementing single sign-on is relatively straightforward in the Azure cloud, it's considerably more complex when dealing with the local Active Directory. This presents a big challenge for many of our customers.

I have been working with Microsoft since 2000 and was a part of the Microsoft Active Directory Development team in Windows.

The stability and effectiveness of the setup depends on its design consideration of future growth. For instance, if a company starts with a thousand PCs but foresees expansion to ten or fifteen thousand PCs over five years, the solution should involve adding servers rather than restructuring the entire network. Unfortunately, we often find that this foresight is lacking in many cases. The initial design should be though-through with growth in mind to ensure scalability and stability.

Active Directory was an extension of the Windows NT infrastructure and wasn't designed for extreme scalability. It was intended for organizations with around five to six thousand PCs.

However, as organizations grew to more than twenty-five or thirty thousand PCs, the complexity of managing it increased significantly. Especially when managing across different countries or regions, the complexity could lead to errors, issues with patches, and other problems. For large organizations, we often suggest a hybrid solution involving Azure Directory. This way, local Active Directory is still present, but there's less dependency on it and more reliance on the cloud. Cloud solutions like Azure offer virtually limitless scalability compared to local setups constrained by server and network infrastructure.

We have a technical support team in place. In most Active Directory cases, the customers have external support from vendors. In that case, our observation is that if the initial setup is executed well and the system operates smoothly, there are fewer and simple user issues. The maintenance tasks remain minimal.

In the case of Microsoft vendor support, we have extremely poor support quality in our interactions with numerous customers. The received support has been lacking in effectiveness, largely due to the practice of assigning relatively inexperienced individuals who are learning as they go. Dealing with such a complex infrastructure as an active directory, experimenting can worsen the situation.

Neutral

Certainly, we have worked with Novell's Directory Infrastructure, which initially outperformed Microsoft's Active Directory. However, Microsoft rapidly closed the gap and swiftly gained prominence, and became one of the directories that could manage PCs

NetWare emerged as an easy-to-deploy and manage solution with good stability. The Windows NT infrastructure or Active Directory required many servers or just one server. The NT domain was less stable and based on a single server which had a lot of issues and could bring down the entire network. However, Microsoft addressed this concern in subsequent versions, effectively eliminating the problem.

When dealing with a new directory structure, the process is generally straightforward and clear. The approach depends on the organization's desired business rules. In cases of restructuring, the level of complexity varies based on the type of restructuring, whether it involves straightforward consolidation or the amalgamation of two distinct organizations. Rather than rating, the most complex scenario arises during the restructuring of directories, particularly when merging two companies or distinct structures. The complexity arises from the case to simplify and bring the rules on the same ground from each entity into a unified set suitable for the new organization. In my view, these projects have posed one of the most difficult cases.

For a fresh setup, the server infrastructure typically requires a few days or even less. The server setup is generally straightforward, but the time-consuming part lies in manually joining the PCs to the domain, as there isn't a fully automated method for it.

Active Directory is an expensive solution, primarily due to Microsoft's licensing model. This licensing approach includes paying for server licenses as well as for each computer that connects to it. However, when working with the Azure cloud, there is no cost for the server. This is profitable and one of the main reasons why Azure Cloud and other cloud-based solutions are being used more. 

There are certain scenarios where an Azure or cloud-based system might be unsuitable. For example, industries like power plants or government agencies might have restricted cloud connectivity due to regulatory or security concerns. In such cases, the utilization of Active Directory becomes the choice for managing on-premises infrastructure, as cloud isn't feasible option.

I would rate the overall solution an eight out of ten.

We only use Active Directory in my location for login purposes. We give permissions to file servers.

The most valuable feature is the configured appliance system in Hypervisor. We find Active Directory to be simple and effective. We mainly use it for file servers and user security. We don't utilize many advanced features.

The initial setup should be easier. It's complex and has replication and synchronization issues.

The technical support team does not give prompt responses.

I have been using the solution for the last four years.

It is a stable solution as there are no crashes or downtime. I rate it a ten out of ten. It is very good performance-wise.

It is a scalable solution. In my location, we have a total of 46 users. I rate it a ten out of ten.

The technical support team is not good as they do not provide prompt support. I rate them a five out of ten.

Neutral

Active Directory's initial setup is complex because, for some parts, like replications or synchronization, there are some problems that need to be verified. 

There is an expert-level requirement, and we are not experts. So we speak to Microsoft's support, but they are also not capable. 

Role deployments will take two to three hours. But fresh installation, if we are installing and configuring it, takes one to two hours.

Our team configured it and performed the installation and configuration.

The pricing model differs for India and other countries. Our procurement was based in India for a Microsoft license. The branch in our location is responsible for providing us with the software and licenses. They have an IT team that takes care of all the software-related matters.

Since we started to use it and configured it with our server, we haven't experienced any downtime, instability, or crashes. I have had a good experience with this solution and with Microsoft.

I rate the solution a ten out of ten.

Our primary use case is to inform the user of access and single sign-on support to the internet.

The most valuable features are it is easy to use, manage, create a repository, and create the OM.

I would like to see the integration with Mac and IOS products improved. I would also like to have some similar functionalities in the on-premise solution that they have on the cloud solution.

I have been using Microsoft Active Directory for the past six to seven years.

Microsoft Active Directory is a stable solution and there are patches available when there are issues.

There is definitely scalability, we currently have around one thousand six hundred users.

Customer support is available however going directly to a technician is not our primary support option. We are able to use online forums and documentation before we involve a customer service technician.

Positive

In most cases the initial setup is straightforward. If you work in a greenfield environment, then it is easy to perform. But if you are using any previous products like the earlier versions of Microsoft Active Directory, then it is actually difficult to take the downtime and then reconfigure the Microsoft Active Directory on the new server and then re-implement the users in it. The initial migration is complex and challenging, but the greenfield implementation is okay.

The license is perpetual and the cost is minimal. If you purchase Microsoft Windows then Microsoft Active Directory comes with the package.

I think it is highly recommended to use Microsoft Active Directory knowing how it operates. I would rate Microsoft Active Directory an eight out of ten.

I utilize it in almost every scenario. I use the Hazer database and meet daily needs across every industry, every time.

Having active deployment and well-configured systems helps me manage tasks and easily oversee thousands of users.

Technology is evolving. AI is offering solutions. However, short-term fixes are like band-aids.

I have used the solution for a very long time, spanning 25 years.

I have encountered a few stability issues.

I have encountered a few scalability issues.

I expect quick responses from Microsoft, however, in general, assistance can be found in English or occasionally in Turkish. Support documents are available on the internet in every language.

Neutral

I advise consideration of this solution. 

The overall product rating is ten out of ten.

We use the solution as a user repository for window servers and platforms. Also, we have Line App platforms, actively using Line Asset Align to host our account and claim access based on active directory code.

The solution's most valuable feature is its ability to plan and manage different policies and functionalities.

The solution's price could be better.

I have been using the solution for more than ten years.

The solution is relatively stable. There are no issues of stability right now.

The solution is easy to scale. Our entire enterprise uses it.

The solution's technical support is good if you purchase the premium service.

Positive

Microsoft Active Directory is quick and easy to install. As for the deployment, it is a matter of a few hours. It takes about one or two engineers to deploy. Also, as for maintenance, one person is enough. The patching can be configured automatically.

We purchase the license for the solution on a yearly basis. However, they have converted the licensing model into a subscription. But it is worth the money.

There are no issues in terms of the performance and configuration of the solution. It is user-friendly and has a lot of UI features. Also, they are about to deploy new AI-based features.

Microsoft offers higher licenses as well. Thus, I advise others to select the licenses that fit their company's requirements. Otherwise, they will end up paying more.

I rate the solution a nine out of ten.