Microsoft Active Directory Reviews

Active Directory has been a valuable tool throughout my career in IT. We have not found anything that can compete with it in terms of functionality or solutions. With Active Directory, we can manage users, groups, and machines, add domains and forests and create trust relationships between domains. This is just a small sampling of what Active Directory can do. Windows Server is a great platform on which Active Directory is built.

The solution helped us create and modify objects for each user in our environment. We gave them the delegation and permission they needed based on their function. It was very helpful, especially in managing these users on each site. We were able to implement domain controllers as a primary and additional domain controller as a redundancy for each other. We were also able to create users and additional UUs. It depends on the departments, the business need, and the group policies that we are going to apply.

We can delegate the administration of Active Directory objects and apply group policies to groups of OUs. This is the best way to manage Active Directory. We can also have separate domain controllers in different Active Directory sites based on their location. We manage replication between sites through Active Directory sites and services. We can provide insight into what is being done, which will replicate across these domain controllers in just a few seconds. This will ensure that our data or any modifications, any creations have been replicated successfully to the other domain controllers.

There is no room for improvement because Microsoft's solutions have moved from on-prem to the cloud. We won't see any improvement or enhancement in these on-prem solutions because, according to the Microsoft websites, all the information related to Active Directory and Windows Server has been retired and there is no more information about it. Microsoft has discontinued the solution and moved on. Microsoft has verified that all on-prem solutions will stop receiving support by 2030. 

The GUI has been the same from 2012 to 2016, and from 2019 to 2022. If Microsoft is going to add anything to the on-prem solution, it should be an updated GUI. 

I have been using the solution for six years.

I give the stability a nine out of ten.

I give the scalability a nine out of ten.

The Microsoft Support team often lacks the ability to provide timely support. Their response time is often slow, which can be frustrating for customers.

Neutral

The initial setup is straightforward. I am very familiar with the solution and the setup is a piece of cake. 

I give the ease of setup a ten out of ten.

I have seen a return on investment with the solution.

I give the solution a ten out of ten.

We need to know how many domain controllers we require in our environment in order to create a primary and redundant domain controller. Additionally, we need to follow a naming convention to avoid duplicate users and misspellings. The number and size of RAMs needed for our Active Directory will depend on our workload. We need to design our Active Directory well to ensure a good experience.

The most valuable feature of the solution stems from the fact that it is very easy to use. The user interface of the product is very easy to use.

Most of the features of the product are not implemented in our company because every employee is involved in their own research and development activities. Microsoft Active Directory restricts most of the features our company's employees want to use since they are involved in research and development activities. The tool should not restrict functions or features for users, and it can be considered as an area for improvement.

I have been using Microsoft Active Directory since 2013.

It is a stable solution. Stability-wise, I rate the solution a nine out of ten.

Every person in my company, which includes around 800 employees, uses the solution.

The tool is extensively used, and there are plans to increase the use of the solution in the future.

The product's initial setup phase was straightforward.

The solution is deployed on an on-premises model.

There are people working on three or four levels in our company involved in the deployment and maintenance process, which includes a manager, a project leader, a project engineer, and a junior engineer.

The deployment process can be carried out with the help of our company's in-house team.

As per the market standard, I would want the current prices of the product to remain the same.

The solution streamlined our company's user management and authentication since it helps us to monitor user activities.

The solution's ability to support our organization's device and user access control stems from the fact that there is a need for us to manage the hierarchy in our company. My company has different hierarchies, so we have used Microsoft Active Directory to manage the hierarchy level in our organization.

I recommended the product to those who plan to use it to use the tool to monitor and analyze the use of devices and data by employees.

The solution's scalability and maintenance help grow our business environment. Since we are an organization that works five days a week, the maintenance part is taken care of on Saturdays or Sundays, which may fall on the second or fourth week of the month. My company regularly maintains and updates the product.

The benefit from the use of the product stems from the fact that it helps our company to monitor and verify the details of employees.

I rate the tool a seven out of ten.

I find the product makes it easier to enhance various tools with Microsoft Active Directory. Active Directory can be either on-premises and can also synchronize with the online version of Microsoft Entra.

I find the solution very useful. I can control all the devices in my domain by just changing the group policies in one place.

Perhaps the synchronization could be simpler and more controllable. There are some features that need improvements in terms of ease of use and frequency of updates.

I have used the solution for ten years.

As I said before, there are some things that can be done to improve the integration, mostly with other solutions.

I have never used technical support. I like to solve my own problems.

Neutral

I have always used Spitterest.

I find the setup straightforward, except if I want to make some customizations, it becomes more complicated.

Implementation is done in-house.

I do see a return on investment with this solution.

I'd rate the solution nine out of ten. I find the solution clear.

We are still on a hybrid environment where we have Azure Directory on-premises, and sync it up to Microsoft.

The password policy helps enforce security protocols by requiring complex passwords and frequent password changes. Additionally, we do not allow users to reuse their last twelve passwords.

The features that I found most effective are the group policies. They allow us to set password policies and other specific setups in the end-user object.

The challenges everyone now has in mind is how to really migrate fully to the cloud. Many companies face both technical and cost-related challenges when moving from on-premise Active Directory to Microsoft Intra. Additionally, not all features available on-premises, such as the RADIUS server, are available in the cloud, necessitating alternative solutions. Moreover, the cost of migrating to the cloud is a significant hurdle due to the yearly subscription fees.

I have been using the solution for around ten years.

We have no complaints regarding the stability of the solution. I would rate the stability nine out of ten.

I rate the scalability a seven out of ten. There are many dependent objects to check, such as compatibility of RADIUS servers, which require time and technical checks.

I have contacted Microsoft support before. The experience can vary; sometimes it is good, and other times it is bad. Much depends on the help desk. My rating for tech support is five out of ten. 

One recommendation for improvement is that support should correspond with the preferred mode of communication indicated in the ticket. Additionally, they should be aware of user time zones to avoid calling at inconvenient times.

Neutral

I have used Microsoft Active Directory and Google.

I have seen value in using Microsoft Active Directory. While it may not return a direct financial ROI, it is a critical part of our infrastructure alongside other solutions like Google Directory.

Microsoft Active Directory can be a suitable choice if you want a suite of Microsoft products like PowerPoint and other Office tools. However, the choice between Google and Microsoft depends on the company's nature of business.

I'd rate the solution eight out of ten. 

Commonly, we engage in three key use cases. The first involves upgrading customer’s outdated directories like 2008 or 2012 to newer versions for improved structure. The second revolves around creating a hybrid setup with Office or Azure cloud, aiming for single sign-on across both. Lastly, we often tackle restructuring situations due to mergers or acquisitions, where directory structures must be unified into a shared infrastructure. These are the typical scenarios we handle in our projects.

One noteworthy aspect we discovered is the ability to exercise tight control over systems, specifically Windows PCs. This pertains to the management of policies, usage patterns, and user access on these devices, particularly within the framework of Active Directory which is extremely well thought. This actually works better with on-premises solutions. However, as the global trend shifts towards cloud and hybrid environments, Active Directory and its use is diminishing. Yet, it hasn't entirely lost its relevance and remains a presence that cannot be entirely disregarded.      

Typically, it depends on the customer's situation. If the customer operates in smaller locations where most PCs are in a common location, we usually aim to consolidate the directory infrastructure for easier maintenance. However, for distributed setups spanning multiple countries, configuring multiple sites becomes necessary and more intricate to handle. Our objective is to minimize the number of sites, simplifying operations for IT administrators and reducing errors. Mistakes in Active Directory can be costly for organizations, as disruptions can occur rapidly.

Moreover, when it comes to hybrid single sign-on across various applications, Microsoft hasn't put forth significant effort. Single sign-on has become a challenge for many customers who utilize diverse solutions beyond Microsoft products. While implementing single sign-on is relatively straightforward in the Azure cloud, it's considerably more complex when dealing with the local Active Directory. This presents a big challenge for many of our customers.

I have been working with Microsoft since 2000 and was a part of the Microsoft Active Directory Development team in Windows.

The stability and effectiveness of the setup depends on its design consideration of future growth. For instance, if a company starts with a thousand PCs but foresees expansion to ten or fifteen thousand PCs over five years, the solution should involve adding servers rather than restructuring the entire network. Unfortunately, we often find that this foresight is lacking in many cases. The initial design should be though-through with growth in mind to ensure scalability and stability.

Active Directory was an extension of the Windows NT infrastructure and wasn't designed for extreme scalability. It was intended for organizations with around five to six thousand PCs.

However, as organizations grew to more than twenty-five or thirty thousand PCs, the complexity of managing it increased significantly. Especially when managing across different countries or regions, the complexity could lead to errors, issues with patches, and other problems. For large organizations, we often suggest a hybrid solution involving Azure Directory. This way, local Active Directory is still present, but there's less dependency on it and more reliance on the cloud. Cloud solutions like Azure offer virtually limitless scalability compared to local setups constrained by server and network infrastructure.

We have a technical support team in place. In most Active Directory cases, the customers have external support from vendors. In that case, our observation is that if the initial setup is executed well and the system operates smoothly, there are fewer and simple user issues. The maintenance tasks remain minimal.

In the case of Microsoft vendor support, we have extremely poor support quality in our interactions with numerous customers. The received support has been lacking in effectiveness, largely due to the practice of assigning relatively inexperienced individuals who are learning as they go. Dealing with such a complex infrastructure as an active directory, experimenting can worsen the situation.

Neutral

Certainly, we have worked with Novell's Directory Infrastructure, which initially outperformed Microsoft's Active Directory. However, Microsoft rapidly closed the gap and swiftly gained prominence, and became one of the directories that could manage PCs

NetWare emerged as an easy-to-deploy and manage solution with good stability. The Windows NT infrastructure or Active Directory required many servers or just one server. The NT domain was less stable and based on a single server which had a lot of issues and could bring down the entire network. However, Microsoft addressed this concern in subsequent versions, effectively eliminating the problem.

When dealing with a new directory structure, the process is generally straightforward and clear. The approach depends on the organization's desired business rules. In cases of restructuring, the level of complexity varies based on the type of restructuring, whether it involves straightforward consolidation or the amalgamation of two distinct organizations. Rather than rating, the most complex scenario arises during the restructuring of directories, particularly when merging two companies or distinct structures. The complexity arises from the case to simplify and bring the rules on the same ground from each entity into a unified set suitable for the new organization. In my view, these projects have posed one of the most difficult cases.

For a fresh setup, the server infrastructure typically requires a few days or even less. The server setup is generally straightforward, but the time-consuming part lies in manually joining the PCs to the domain, as there isn't a fully automated method for it.

Active Directory is an expensive solution, primarily due to Microsoft's licensing model. This licensing approach includes paying for server licenses as well as for each computer that connects to it. However, when working with the Azure cloud, there is no cost for the server. This is profitable and one of the main reasons why Azure Cloud and other cloud-based solutions are being used more. 

There are certain scenarios where an Azure or cloud-based system might be unsuitable. For example, industries like power plants or government agencies might have restricted cloud connectivity due to regulatory or security concerns. In such cases, the utilization of Active Directory becomes the choice for managing on-premises infrastructure, as cloud isn't feasible option.

I would rate the overall solution an eight out of ten.

We only use Active Directory in my location for login purposes. We give permissions to file servers.

The most valuable feature is the configured appliance system in Hypervisor. We find Active Directory to be simple and effective. We mainly use it for file servers and user security. We don't utilize many advanced features.

The initial setup should be easier. It's complex and has replication and synchronization issues.

The technical support team does not give prompt responses.

I have been using the solution for the last four years.

It is a stable solution as there are no crashes or downtime. I rate it a ten out of ten. It is very good performance-wise.

It is a scalable solution. In my location, we have a total of 46 users. I rate it a ten out of ten.

The technical support team is not good as they do not provide prompt support. I rate them a five out of ten.

Neutral

Active Directory's initial setup is complex because, for some parts, like replications or synchronization, there are some problems that need to be verified. 

There is an expert-level requirement, and we are not experts. So we speak to Microsoft's support, but they are also not capable. 

Role deployments will take two to three hours. But fresh installation, if we are installing and configuring it, takes one to two hours.

Our team configured it and performed the installation and configuration.

The pricing model differs for India and other countries. Our procurement was based in India for a Microsoft license. The branch in our location is responsible for providing us with the software and licenses. They have an IT team that takes care of all the software-related matters.

Since we started to use it and configured it with our server, we haven't experienced any downtime, instability, or crashes. I have had a good experience with this solution and with Microsoft.

I rate the solution a ten out of ten.

I use Microsoft Active Directory for user and computer management.

Microsoft Active Directory implementation allows us to save time for user management. Single sign-on with enterprise applications improves our security.

The most valuable features of Microsoft Active Directory are the management of user and group policies.

The DNS services could improve in Microsoft Active Directory.

I have been using Microsoft Active Directory for approximately 18 years.

Microsoft Active Directory is highly stable.

I rate the scalability of Microsoft Active Directory a ten out of ten.

The solution is scalable.

We have approximately 700 people in 90 countries using the solution in my company.

We create user accounts and policies using the solution. We do not touch it often.

I rate the scalability of Microsoft Active Directory a ten out of ten.

We have our own expertise and did not communicate with customer service about this solution.

I did not use another similar solution to Microsoft Active Directory.

The initial setup of the solution is easy but needs good planning, sometimes the environment can cause challenges. The full process takes a few hours. 

The migration from workgroups to the current infrastructure took approximately six months.

The number of steps taken to implement the solution depends on the environment of the deployment. For example, how the users work, and how many offices can determine the difficulty and steps taken for the implementation.

I rate the initial setup of Microsoft Active Directory a nine out of ten.

We did the implementation of the solution in-house with three administrators.

We do not calculate the ROI but think it is worth the money.

The price of Microsoft Active Directory could improve. We pay annually for the solution.

I rate the price of Microsoft Active Directory a seven out of ten.

We evaluated other options before choosing Microsoft Active Directory, such as Linux-based solutions. I was familiar with Microsoft Active Directory and comfortable and this is why we are using it.

We use three administrators for the maintenance of all infrastructure including the solution.

I rate Microsoft Active Directory an eight out of ten.

Our primary use case is to inform the user of access and single sign-on support to the internet.

The most valuable features are it is easy to use, manage, create a repository, and create the OM.

I would like to see the integration with Mac and IOS products improved. I would also like to have some similar functionalities in the on-premise solution that they have on the cloud solution.

I have been using Microsoft Active Directory for the past six to seven years.

Microsoft Active Directory is a stable solution and there are patches available when there are issues.

There is definitely scalability, we currently have around one thousand six hundred users.

Customer support is available however going directly to a technician is not our primary support option. We are able to use online forums and documentation before we involve a customer service technician.

Positive

In most cases the initial setup is straightforward. If you work in a greenfield environment, then it is easy to perform. But if you are using any previous products like the earlier versions of Microsoft Active Directory, then it is actually difficult to take the downtime and then reconfigure the Microsoft Active Directory on the new server and then re-implement the users in it. The initial migration is complex and challenging, but the greenfield implementation is okay.

The license is perpetual and the cost is minimal. If you purchase Microsoft Windows then Microsoft Active Directory comes with the package.

I think it is highly recommended to use Microsoft Active Directory knowing how it operates. I would rate Microsoft Active Directory an eight out of ten.