Microsoft Active Directory Reviews

I find the product makes it easier to enhance various tools with Microsoft Active Directory. Active Directory can be either on-premises and can also synchronize with the online version of Microsoft Entra.

I find the solution very useful. I can control all the devices in my domain by just changing the group policies in one place.

Perhaps the synchronization could be simpler and more controllable. There are some features that need improvements in terms of ease of use and frequency of updates.

I have used the solution for ten years.

As I said before, there are some things that can be done to improve the integration, mostly with other solutions.

I have never used technical support. I like to solve my own problems.

Neutral

I have always used Spitterest.

I find the setup straightforward, except if I want to make some customizations, it becomes more complicated.

Implementation is done in-house.

I do see a return on investment with this solution.

I'd rate the solution nine out of ten. I find the solution clear.

We are still on a hybrid environment where we have Azure Directory on-premises, and sync it up to Microsoft.

The password policy helps enforce security protocols by requiring complex passwords and frequent password changes. Additionally, we do not allow users to reuse their last twelve passwords.

The features that I found most effective are the group policies. They allow us to set password policies and other specific setups in the end-user object.

The challenges everyone now has in mind is how to really migrate fully to the cloud. Many companies face both technical and cost-related challenges when moving from on-premise Active Directory to Microsoft Intra. Additionally, not all features available on-premises, such as the RADIUS server, are available in the cloud, necessitating alternative solutions. Moreover, the cost of migrating to the cloud is a significant hurdle due to the yearly subscription fees.

I have been using the solution for around ten years.

We have no complaints regarding the stability of the solution. I would rate the stability nine out of ten.

I rate the scalability a seven out of ten. There are many dependent objects to check, such as compatibility of RADIUS servers, which require time and technical checks.

I have contacted Microsoft support before. The experience can vary; sometimes it is good, and other times it is bad. Much depends on the help desk. My rating for tech support is five out of ten. 

One recommendation for improvement is that support should correspond with the preferred mode of communication indicated in the ticket. Additionally, they should be aware of user time zones to avoid calling at inconvenient times.

Neutral

I have used Microsoft Active Directory and Google.

I have seen value in using Microsoft Active Directory. While it may not return a direct financial ROI, it is a critical part of our infrastructure alongside other solutions like Google Directory.

Microsoft Active Directory can be a suitable choice if you want a suite of Microsoft products like PowerPoint and other Office tools. However, the choice between Google and Microsoft depends on the company's nature of business.

I'd rate the solution eight out of ten. 

Commonly, we engage in three key use cases. The first involves upgrading customer’s outdated directories like 2008 or 2012 to newer versions for improved structure. The second revolves around creating a hybrid setup with Office or Azure cloud, aiming for single sign-on across both. Lastly, we often tackle restructuring situations due to mergers or acquisitions, where directory structures must be unified into a shared infrastructure. These are the typical scenarios we handle in our projects.

One noteworthy aspect we discovered is the ability to exercise tight control over systems, specifically Windows PCs. This pertains to the management of policies, usage patterns, and user access on these devices, particularly within the framework of Active Directory which is extremely well thought. This actually works better with on-premises solutions. However, as the global trend shifts towards cloud and hybrid environments, Active Directory and its use is diminishing. Yet, it hasn't entirely lost its relevance and remains a presence that cannot be entirely disregarded.      

Typically, it depends on the customer's situation. If the customer operates in smaller locations where most PCs are in a common location, we usually aim to consolidate the directory infrastructure for easier maintenance. However, for distributed setups spanning multiple countries, configuring multiple sites becomes necessary and more intricate to handle. Our objective is to minimize the number of sites, simplifying operations for IT administrators and reducing errors. Mistakes in Active Directory can be costly for organizations, as disruptions can occur rapidly.

Moreover, when it comes to hybrid single sign-on across various applications, Microsoft hasn't put forth significant effort. Single sign-on has become a challenge for many customers who utilize diverse solutions beyond Microsoft products. While implementing single sign-on is relatively straightforward in the Azure cloud, it's considerably more complex when dealing with the local Active Directory. This presents a big challenge for many of our customers.

I have been working with Microsoft since 2000 and was a part of the Microsoft Active Directory Development team in Windows.

The stability and effectiveness of the setup depends on its design consideration of future growth. For instance, if a company starts with a thousand PCs but foresees expansion to ten or fifteen thousand PCs over five years, the solution should involve adding servers rather than restructuring the entire network. Unfortunately, we often find that this foresight is lacking in many cases. The initial design should be though-through with growth in mind to ensure scalability and stability.

Active Directory was an extension of the Windows NT infrastructure and wasn't designed for extreme scalability. It was intended for organizations with around five to six thousand PCs.

However, as organizations grew to more than twenty-five or thirty thousand PCs, the complexity of managing it increased significantly. Especially when managing across different countries or regions, the complexity could lead to errors, issues with patches, and other problems. For large organizations, we often suggest a hybrid solution involving Azure Directory. This way, local Active Directory is still present, but there's less dependency on it and more reliance on the cloud. Cloud solutions like Azure offer virtually limitless scalability compared to local setups constrained by server and network infrastructure.

We have a technical support team in place. In most Active Directory cases, the customers have external support from vendors. In that case, our observation is that if the initial setup is executed well and the system operates smoothly, there are fewer and simple user issues. The maintenance tasks remain minimal.

In the case of Microsoft vendor support, we have extremely poor support quality in our interactions with numerous customers. The received support has been lacking in effectiveness, largely due to the practice of assigning relatively inexperienced individuals who are learning as they go. Dealing with such a complex infrastructure as an active directory, experimenting can worsen the situation.

Neutral

Certainly, we have worked with Novell's Directory Infrastructure, which initially outperformed Microsoft's Active Directory. However, Microsoft rapidly closed the gap and swiftly gained prominence, and became one of the directories that could manage PCs

NetWare emerged as an easy-to-deploy and manage solution with good stability. The Windows NT infrastructure or Active Directory required many servers or just one server. The NT domain was less stable and based on a single server which had a lot of issues and could bring down the entire network. However, Microsoft addressed this concern in subsequent versions, effectively eliminating the problem.

When dealing with a new directory structure, the process is generally straightforward and clear. The approach depends on the organization's desired business rules. In cases of restructuring, the level of complexity varies based on the type of restructuring, whether it involves straightforward consolidation or the amalgamation of two distinct organizations. Rather than rating, the most complex scenario arises during the restructuring of directories, particularly when merging two companies or distinct structures. The complexity arises from the case to simplify and bring the rules on the same ground from each entity into a unified set suitable for the new organization. In my view, these projects have posed one of the most difficult cases.

For a fresh setup, the server infrastructure typically requires a few days or even less. The server setup is generally straightforward, but the time-consuming part lies in manually joining the PCs to the domain, as there isn't a fully automated method for it.

Active Directory is an expensive solution, primarily due to Microsoft's licensing model. This licensing approach includes paying for server licenses as well as for each computer that connects to it. However, when working with the Azure cloud, there is no cost for the server. This is profitable and one of the main reasons why Azure Cloud and other cloud-based solutions are being used more. 

There are certain scenarios where an Azure or cloud-based system might be unsuitable. For example, industries like power plants or government agencies might have restricted cloud connectivity due to regulatory or security concerns. In such cases, the utilization of Active Directory becomes the choice for managing on-premises infrastructure, as cloud isn't feasible option.

I would rate the overall solution an eight out of ten.

Microsoft Active Directory is used to centrally manage all objects and provide access. It also serves as the authentication mechanism for most of our Windows and non-Windows applications using Kerberos. User and device management are also handled through Active Directory.

One of the most valuable features of the solution that I like is that it allows our company to apply GPOs properly to many users.

The GUI of Microsoft Active Directory is very basic. At our company, we can go for automation since we don't have many tasks. In the solution, assigning permissions is complex, making it difficult to grant them at a granular level or to multiple users without templates or alternative tools. Although achieving the RBAC or Zero Trust model is challenging due to the same limitations in Microsoft Active Directory, third-party tools are available to assist with this task. Even the Native Azure AD does not have these capabilities.

I do have experience with Microsoft Active Directory. Our company is a customer of the solution. Also, I have been using this solution for maybe eight to ten years. I am using the solution's latest version.

For stability, on a scale where one is not stable and ten is very stable, I rate this solution a seven since there are issues. The solution has its own set of issues concerning patches, compatibility issues, and a few more things. The few other issues are something that actually depends, in a sense, that every month, they roll out the patches, and then they try to close the vulnerabilities, creating issues. So, maybe encryption, and also there are many things.

The scalability of the solution is high. Scalability-wise, I rate this solution may be above eight out of ten. There are around 4,00,000 users of this solution.

The solution is used very often, daily, since it serves as a primary tool for various tasks, including authentication and other functions. At present, we do not plan to increase the number of users using the solution, as we are trying to reduce the footprint.

I rate the technical support for the solution between six to seven out of ten. While technical support is proactive, there are times when we cannot get through a call and don't always receive the support we expect from Microsoft's technical support team.

Neutral

The initial setup of the solution is easy, and I would rate it an eight or nine out of ten on a scale of one to ten, where one being difficult and ten being easy.

The deployment time of the solution varies depending on the team responsible for it. Since it's not primarily our team's responsibility, I'm unsure of the exact time required for deployment. I don't think more than one person is required for the entire deployment process. The number of people required to maintain the solution depends on the company's size.

The solution is worth the money paid for it.

I'm unsure about the cost of the solution, as I was never involved in that aspect. However, I don't think it would be expensive. It might be average, around four or five out of ten. I believe the licensing costs are volume licensing for on-premises, so it shouldn't be monthly. I think it's a one-time purchase for the server, and it comes with the necessary licenses. We don't have to buy any additional licenses.

My advice for those planning to use Microsoft Active Directory as a solution is that it is a scalable and stable platform that has been used for many years. It is a necessary tool for companies using Windows-based operating systems to manage their objects. Overall, I rate this solution an eight out of ten.

We only use Active Directory in my location for login purposes. We give permissions to file servers.

The most valuable feature is the configured appliance system in Hypervisor. We find Active Directory to be simple and effective. We mainly use it for file servers and user security. We don't utilize many advanced features.

The initial setup should be easier. It's complex and has replication and synchronization issues.

The technical support team does not give prompt responses.

I have been using the solution for the last four years.

It is a stable solution as there are no crashes or downtime. I rate it a ten out of ten. It is very good performance-wise.

It is a scalable solution. In my location, we have a total of 46 users. I rate it a ten out of ten.

The technical support team is not good as they do not provide prompt support. I rate them a five out of ten.

Neutral

Active Directory's initial setup is complex because, for some parts, like replications or synchronization, there are some problems that need to be verified. 

There is an expert-level requirement, and we are not experts. So we speak to Microsoft's support, but they are also not capable. 

Role deployments will take two to three hours. But fresh installation, if we are installing and configuring it, takes one to two hours.

Our team configured it and performed the installation and configuration.

The pricing model differs for India and other countries. Our procurement was based in India for a Microsoft license. The branch in our location is responsible for providing us with the software and licenses. They have an IT team that takes care of all the software-related matters.

Since we started to use it and configured it with our server, we haven't experienced any downtime, instability, or crashes. I have had a good experience with this solution and with Microsoft.

I rate the solution a ten out of ten.

Our primary use case is to inform the user of access and single sign-on support to the internet.

The most valuable features are it is easy to use, manage, create a repository, and create the OM.

I would like to see the integration with Mac and IOS products improved. I would also like to have some similar functionalities in the on-premise solution that they have on the cloud solution.

I have been using Microsoft Active Directory for the past six to seven years.

Microsoft Active Directory is a stable solution and there are patches available when there are issues.

There is definitely scalability, we currently have around one thousand six hundred users.

Customer support is available however going directly to a technician is not our primary support option. We are able to use online forums and documentation before we involve a customer service technician.

Positive

In most cases the initial setup is straightforward. If you work in a greenfield environment, then it is easy to perform. But if you are using any previous products like the earlier versions of Microsoft Active Directory, then it is actually difficult to take the downtime and then reconfigure the Microsoft Active Directory on the new server and then re-implement the users in it. The initial migration is complex and challenging, but the greenfield implementation is okay.

The license is perpetual and the cost is minimal. If you purchase Microsoft Windows then Microsoft Active Directory comes with the package.

I think it is highly recommended to use Microsoft Active Directory knowing how it operates. I would rate Microsoft Active Directory an eight out of ten.

I utilize it in almost every scenario. I use the Hazer database and meet daily needs across every industry, every time.

Having active deployment and well-configured systems helps me manage tasks and easily oversee thousands of users.

Technology is evolving. AI is offering solutions. However, short-term fixes are like band-aids.

I have used the solution for a very long time, spanning 25 years.

I have encountered a few stability issues.

I have encountered a few scalability issues.

I expect quick responses from Microsoft, however, in general, assistance can be found in English or occasionally in Turkish. Support documents are available on the internet in every language.

Neutral

I advise consideration of this solution. 

The overall product rating is ten out of ten.

We use the solution as a user repository for window servers and platforms. Also, we have Line App platforms, actively using Line Asset Align to host our account and claim access based on active directory code.

The solution's most valuable feature is its ability to plan and manage different policies and functionalities.

The solution's price could be better.

I have been using the solution for more than ten years.

The solution is relatively stable. There are no issues of stability right now.

The solution is easy to scale. Our entire enterprise uses it.

The solution's technical support is good if you purchase the premium service.

Positive

Microsoft Active Directory is quick and easy to install. As for the deployment, it is a matter of a few hours. It takes about one or two engineers to deploy. Also, as for maintenance, one person is enough. The patching can be configured automatically.

We purchase the license for the solution on a yearly basis. However, they have converted the licensing model into a subscription. But it is worth the money.

There are no issues in terms of the performance and configuration of the solution. It is user-friendly and has a lot of UI features. Also, they are about to deploy new AI-based features.

Microsoft offers higher licenses as well. Thus, I advise others to select the licenses that fit their company's requirements. Otherwise, they will end up paying more.

I rate the solution a nine out of ten.