Microsoft Entra ID Reviews

Entra ID serves as our primary identity security tool. 

Entra ID enables us to implement security easily and effectively. It has built-in integration with all the Microsoft tools, like SharePoint, Outlook, Teams, etc., the condition access we discussed earlier. It's our primary identity security tool. We can't live without Entra ID. 

Using Entra ID has improved our security. Our security score is close to 80 percent, which is a critical metric because that includes everything under the hood. We have continuously improved in the last two or three years. We have implemented many improvements since the pandemic, so the number of incidents has decreased a bit, and automation has been throttled up.

Conditional access and Privileged Identity Management (PIM) are the most valuable features from a security perspective. 

Rule management and permissions need improvements. I have had discussions with product managers about these challenges and sent emails regarding them. Additionally, improvements are needed in the Identity Governance and Administration (IGA) side of things.

I have been working with Entra ID for around six years.

I rate Entra ID 10 out of 10 for stability. I have not encountered any issues.

I rate Entra ID's scalability 10 out of 10. It's great.

Customer service has been very good. I have raised sophisticated queries and received responses within a day.

Positive

I have never used a different solution and have always worked with Entra ID.

I have not personally deployed Microsoft Entra ID. However, I have integrated the solution, and we have worked with integrators to set it up.

The biggest return on investment is the seamless integration with all Microsoft apps and services. If you choose something new and integrate it, it can take a lot of time.

I rate Entra ID eight out of 10. 

We migrated about 3,000 computers from on-prem Active Directory to Azure Active Directory or Azure AD. 

These are still early days, but we are certain that it will improve our organization as we move away from on-prem Active Directory.

It provides a single pane of glass for managing user access, but we have to get more into it to be able to say that for sure. We have got so many different tools. It would be nice to have less tools. We are starting to take a look at how to consolidate tools.

It will definitely help to save time for our IT administrators.

It has not yet helped to save our organization money. It is too early for that.

The way the laptops are joined is valuable. We can take advantage of that in terms of being able to log in and do things. It is easier to change passwords or set things up.

I would like to dive into some of the things that we saw today around the workflows at this Microsoft event. I cannot say that they need to make it better because I do not have much experience with it, but something that is always applicable to Microsoft is that they need to be able to integrate with their competitors. If you look at IDP, they do not integrate with Okta.

I have been using this solution for about six months. It was not called Entra ID then. It was called Azure AD.

Our dealings have been fine. We do not deal with them so much. When we have to open something, our account managers help us out.

We were on on-prem AD. We moved to Azure AD because of a merger. We were purchased by a larger company, so we are moving on to their domain.

It was in the middle of the road. It was not the easiest thing, and it was also not the hardest thing.

We took the help of a company. They did a good job. They helped us to move a huge amount of data.

It is in line. Because we are so early, we have not had to come back on a cycle where we are having to negotiate again.

I would rate Microsoft Entra ID a nine out of ten. It is very good.

We manage local users in the Microsoft Entra ID environment. 

The tool's most valuable features are security and integration with other tenants. 

The product takes at least ten minutes to activate privilege identity management roles. 

I have been using the product for two years. 

The tool's stability is good. 

Microsoft Entra ID's support is good. 

The tool's deployment is easy. However, documentation is not helpful. 

The product is cheap. It is free for our tenant. 

I rate the product a seven out of ten. 

Microsoft Authenticator is a third-party application used to authenticate users in our Microsoft environment, such as accessing emails or applications like Excel, Word, or any other application. It is also used for online login purposes. The configuration process is simple from the admin side; we just need to enable it for the user. The user will receive a notification on their mobile device and then needs to download the Microsoft Authenticator app. They can add their account by entering their username and password. Once this is done, the configuration is complete.

While using any applications in the environment, users need to authenticate using Microsoft Authenticator. They will receive a one-time password that expires in thirty seconds, which they must use for authentication. One advantage of using Microsoft Authenticator is that it ensures the security of user accounts. Even if someone tries to hack or authenticate into another person's Microsoft account, they will be unable to do so without the password. The user will receive a notification if someone attempts to access their account and can choose whether to grant them access or not. If any unauthorized access is detected, we will investigate to identify the person behind the authentication attempt.

Microsoft Authenticator is highly secure. It is connected to its own servers. Using this application employs encryption methods, and the user has the right to access it. Additionally, we can utilize the biometric fingerprint tool for authentication, ensuring that only one person has access to it. This feature is extremely beneficial.

The cost of licensing always has room for improvement.

I have been using Microsoft Authenticator for three years.

Microsoft Authenticator is scalable.

The initial setup is straightforward. We downloaded it from the Google Play store and used a name and password. That's all it takes, and we're ready to go. The configuration duration is set on an admin site, but the actual configuration must be done on the end devices themselves. This can include mobile devices, tablets, or any other device that we can use, and takes about ten minutes to complete.

We have observed a 60 percent return on investment with Microsoft Authenticator, which provides us with peace of mind, knowing that there is no unauthorized access occurring.

Microsoft Authenticator is included in the package when we purchase a license from Microsoft.

I rate Microsoft Authenticator ten out of ten.

We have 120 users. The solution is used daily and is required whenever a Microsoft account needs authentication to ensure that only the data owner or email owner has the proper authentication to access the mailbox or application.

I will advise people to continue using the Microsoft Authenticator because it provides security and data protection. From a cybersecurity perspective, it is beneficial to use the Microsoft Authenticator for the authentication of Microsoft products.

Microsoft Entra ID is used to control access to our environment.

Microsoft Entra ID has been most beneficial in the realm of IT management, although not significantly impactful on user experience. Microsoft Entra ID is not solely for user management or enhancing user experience. Rather, it greatly aids in constructing operational processes for IT management, as its capabilities extend far beyond user and access management. In terms of refining user experience, it certainly contributes to areas like authentication, particularly in diverse authentication methods and device-based authentication. 

The best thing about Microsoft Entra ID is the ease of setup.

If we're highly experienced or dealing with intricate scenarios, Microsoft Entra ID might not be the most suitable solution. In my opinion, it resolves the majority of cases, but it lacks comprehensive management tools for access control. I don't consider it the premier tool for user or identity management. While it covers many aspects, we'll need supplementary tools to effectively manage access rules. This deficiency is quite significant. To make it viable for a large organization, substantial additional development is necessary.

Microsoft Entra ID provides a way to manage user access, but it's not an effective tool for access management due to its excessive complexity. This is primarily because the process needs to be performed manually. Therefore, it lacks a user-friendly interface where we could define all access rules and scenarios comprehensively.

Zero trust is not easy to set up, especially for large organizations. While it could be implemented for smaller organizations, the extensive manual configuration required makes it impractical for larger enterprises.

Microsoft Entra ID's impact on access and identity management is relatively limited.

The single interface for managing permissions, permission rules, or conditional access policies needs to be significantly more user-friendly. While it remains functional for IT departments, it is not particularly user-friendly for end users. There is considerable room for improvement in this regard.

Microsoft Entra ID offers various features, but its setup and utilization are quite complex due to the lack of a user-friendly interface for end users. Unless we allocate a significant budget and a substantial workforce to configure it for end users, making it usable remains a challenge. Moreover, even with these investments, the cost of using Microsoft Entra ID would become prohibitively high. Thus, it's evident that the platform lacks the necessary functionality to provide a satisfactory end-user experience. 

I have been using Microsoft Entra ID for eight years.

The solution is stable. I have not encountered any stability issues.

Microsoft Entra ID is scalable.

I have had a positive experience with technical support. Additionally, if we opt for premium support or possess varying levels of support agreements with Microsoft, we can access excellent support.

Positive

The deployment is quite straightforward. It's truly uncomplicated from an IT perspective to utilize Microsoft Entra ID. It's not overly intricate in that aspect. However, when we delve into end-user scenarios, and the management and configuration of conditional access policies, permission management, and other similar aspects, it does introduce a certain level of complexity, naturally.

Microsoft Entra ID service can be quite costly due to its hidden expenses linked to usage. This cost ambiguity arises from our inability to accurately project expenses prior to implementation, contingent upon the specific features employed. The expense is particularly notable if we intend to utilize it for comprehensive identity management. Nevertheless, alternative budget-friendly identity management solutions are limited within the current market landscape.

There are no additional costs for maintenance because most of the parts are cloud-based and managed by Microsoft. This means we can't manage it ourselves. However, if we had a private cloud with Microsoft Entra ID, for instance, then we could manage our entire cloud ourselves. This would allow us to have good control of the costs. But there are many small components in Microsoft Entra ID. So, when we are planning to build something with Microsoft Entra ID, we might struggle to understand the total cost for the users. It's difficult to comprehend all the necessary pieces we need to purchase to construct a scenario. Only after we have designed this solution, we will be able to see the complete cost. Unfortunately, there are numerous hidden costs in Microsoft Entra ID that I am not particularly fond of.

If we consider the top three or four management tools, they offer numerous out-of-the-box features for connecting to HR sources. Furthermore, we have a straightforward method for establishing access policies based on our HR data. In my opinion, competitors hold an advantage over Microsoft Entra ID.

I would rate Microsoft Entra ID eight out of ten.

We can achieve a great deal with conditional access policies; however, using the interface itself is quite cumbersome and not very user-friendly. Consequently, there are very few tools currently available that offer a well-designed user interface for managing access policies. This is consistently a highly intricate scenario.

Based on my experience, Okta functions primarily as a solution for managing customer access or customer identity, rather than being the conventional method for handling business or corporate identities. It's more focused on robustly managing customer identities. However, in my previous procurement roles, it has never been selected as the primary option. This could be due to my limited exposure to customer identity management. Thus, I find it challenging to draw a direct comparison. On the other hand, Microsoft Azure Active Directory can certainly serve as a customer identity management solution and is comparable in this aspect. However, the comparison doesn't hold true for user identity management.

The maintenance is controlled by Microsoft because the solution is on their cloud.

Organizations should refrain from exclusively using Microsoft Entra ID for all identity and access management scenarios. This is because relying solely on Microsoft Entra ID necessitates creating additional components ourselves to address aspects that cannot be readily addressed using the default Microsoft Entra ID setup. We are required to construct these components and establish phases for end users, as Microsoft Entra ID does not encompass all these functionalities. A more effective approach could involve integrating Microsoft Entra ID with another product, such as SailPoint. This combined utilization would likely result in a robust identity management solution. It's important to recognize that Microsoft Entra ID alone cannot adequately address all our scenarios.

We work with Active Directory in our own IT network in our office. We also deploy Active Directory projects in some other clients.

Active Directory is an active directory service from Windows for a Windows Server operating system.

We have synchronized identities on-premise with on-cloud identities in order to work with Microsoft-aligned services such as Office 365 and to work in the middle of hybrid topology for on-prem and cloud identities, as well as to be more productive with other capabilities that Azure Active Directory Premium offers. This includes, for example, single sign-on, multifactor authentication, Conditional Access, privileged access management, and Privileged Identity Management. Our current experience with Azure in the Cloud - Azure Active Directory - is it's very functional and productive in talking about identity and access management solutions.

In the last two years, as COVID has been present worldwide, the Azure Active Directory capabilities have allowed us to work completely in a remote way. It's not fully necessary to work at the office or in only certain locations. We are now fully capable to work from any location, any place in the world.

The most important thing about this solution is the capabilities for multifactor authentication and single sign-on that it offers for native Microsoft solutions and non-native Microsoft solutions.

The solution has features that have helped improve our security posture. Azure Active Directory works with some technologies around security such as mobile device management, mobile application management, and Azure Information Protection as well as Conditional Access and multifactor authentication. These capabilities give us a good level of security.

The solution has affected our end-user experience. For example, we work with several technologies in the Cloud, such as Salesforce. Azure Active Directory allows us to work within a single sign-on model. This allows us to work more easily, and not have to remember a bunch of different passwords for various applications. With a single sign-on, we can work in a more transparent way and we can be more productive, having direct access to our applications in the cloud.

Microsoft is working with Microsoft Identity Manager for Active Directory on-premise. It will be very important to have these identity management solutions directly in Azure Active Directory. It's very important to have some kind of Azure identity manager as a technology for identity and access management for working both in the cloud and inside the Azure suite.

I've been using the solution for the last 15 years or so. 

We have the service running all the time and it runs and works without an issue. Up until now, we have not had any problems at all in terms of the availability of the service.

We know that if we need to integrate more than hundreds or thousands of users, we know this won't be a problem. We have about 80 users in the Azure Active Directory right now, however, we know that if it was necessary to scale it for hundreds or thousands of users, it wouldn't be a problem.

We've contacted technical support several times over the last ten or so years. 

Microsoft is a very big, important company. People working in technical support have been very professional and quick to respond. They're very good specialists.

This is the first product that I consider as it is a powerful directory service and better than what any other company offers.

The initial setup was very straightforward. We've worked with Azure Active Directory for the last three or four years and find it very easy to deploy. It might take maybe three days. 

In terms of maintenance, we only have a couple of people dedicated to offering technical support. Once you deploy it, it's not necessary to give too much support after that.

I know that there are several other solutions, for example, Open LDAP, et cetera. I like the functionalities that Microsoft Active Directory offers. Therefore, it was not necessary to test any other technology.

I'm pretty sure that one of the main advantages of Microsoft Active Directory is that not only does it provide user management, it's also a technology component inside of a very big strategy for technology in any environment or company. It's native. Users can have their own mailbox for Exchange or Office 365. Active Directory is integrated as a way of authentication for any other database or web service. The main advantage is that it's integrated into a whole global authentication strategy.

I am a Microsoft-certified systems engineer. I've been doing this for the last 22 years.

I'm a partner and reseller. We work with several specialists for deploying, project management, and development of solutions around Microsoft technologies.

For any customer or any client that is interested in deploying Azure Active Directory to have a full strategy for hybrid environments. They need to take into account users on-premise and users and resources in the cloud in order to have an integrated architecture and solution to best utilize the Azure Active Directory capabilities.

I'd rate the solution at a nine out of ten.

We provide a pipeline for Azure Active Directory. We are working with premium clients, giving them services, like SaaS application services through Azure Active Directory. Also, we help external clients who are planning to migrate from on-prem to Azure Active Directory. We help them with the setup, etc.

We are providing Office 365 access from Azure Active Directory. We are enabling multi-factor authentication and assigning the licenses for end users.

We can provide access for many SaaS analytics tools, like ERP and CRM. We can provide access from everywhere to Azure AD. So, it will work as an authentication service, then we can provide access to particular SaaS applications. Therefore, we manage all accesses and privileges within Azure AD for different applications.

The Privileged Identity Management is a good feature. The identity products of Azure Active Directory are good features. 

There are role-based access controls. Both built-in and custom roles are very useful and good for giving permissions to a particular set of users. 

Privileged identity access lets you manage, control, and monitor permissions of a particular set of users or group. This is a good way to control the access. With the rollback access control, that will secure your environment, e.g., if you want to secure it from an authentication point of view. So, if you are an authentication provider service, your request will go for authentication, then it will go back for service authentication. So, this is a good feature in Azure Active Directory.

Azure AD has features that have helped improve our security posture and our client's security posture. We don't have to manage many things because there are some built-in features inside it. We can set it up once and it will work as an auto process, which is good from our side. On the clients' side, it will then not be challenging when managing stuff, as it will be very easy to manage the client end.

Azure AD needs to be more in sync. The synchronization can be time-consuming. 

The availability is good. I have never experienced any downtime.

The scalability is great. If we will go with the custom installation version of Azure AD Connect, i.e., for many users, then we can go with the custom settings. 

I have one client with one tenant. We verified their domain and created many users. It was already on-prem, so we synced all the users from on-prem to Azure AD. We gave those users Office 365 permission from the Office 365 admin center. From there, we enabled the MFA and assigned the licenses. 

We have migrated 10,000 to 12,000 objects from on-prem to Azure AD previously.

Whenever I have logged a case with Microsoft, their technical support replies within 24 hours with an email and a call, which is good.

Previously, our clients only had on-premises Active Directory. They migrated to Azure AD because they didn't want to keep their on-prem environment. There are a lot of challenges with maintaining those servers and other costs. 

It is also a good service. From one console, we can manage many things. It is better if we can work with it from a single console, managing it all with fewer resources. With on-prem, there are many domain controllers that we need for various stages, and we have to manage all the domain controllers. Apart from that, we have to back up and monitor the server as well as do everything for the setup. 

It is a very easy process to set up. First, we need to collect all the information, e.g., the custom domain information, user information, and which kinds of applications the users want to access. All this information is needed. Based on that, we can just set up and go to the Azure Portal. We can go to the Azure Active Directory console from there, where we can verify the domain and do the management. It is a very easy process, which is not time-consuming. Though, if you want to design your own application (customize it) and provide access for a particular user or group, then it can be a bit of a time-consuming process.

I don't think more than one or two people are needed for the deployment. If we have all the information, then we can work alone. Not many resources are needed for this.

Azure AD has a good return on investment. We do not need as many servers, electricity, etc. We can save from a cost point of view. Apart from that, if we have a limited set of users, we do not need to go with the extended version of Azure Active Directory, where it costs a lot to enable these services. Azure Active Directory is a good option compared to on-premises. 

This solution is less time-consuming. We don't have to hire as many resources to give permissions to a particular user or group for any application.

We are working with the Premium P2 licenses, which are reasonable. If you invest in the on-premises environment setup, then it costs so much. However, on-prem AD gives you the ability to manage your organization in a very organized manner, where you can create a group policy.

Azure AD provides identity access. If you have to go with the identity part only, then Azure AD would be the better option. If you will go with the various authentication authorization and security services, like group policy setup, then on-prem Active Directory would be better.

It is good service and easy to use.

I would rate the solution as a nine out of 10. They should be improving the solution all the time.

We use Entra ID for single sign-on to all of our internal IT systems and public SaaS offerings within the company.

Entra ID streamlines permission management and authentication for most systems. It also unifies IDs, simplifies IT operations internally, and enhances security by enforcing a better security posture across the organization.

We like the ease of app registrations and single sign-on with Entra ID. It offers an easy way to add multi-factor authentication to nearly any application and system. 

We've used it within AKS clusters to do pod identities. That has greatly reduced the number of static credentials we have running around and drastically improved our security. Combining Entra ID with the amazing work of our AKS team has enabled us to shrink the blast radius of credentials given to applications instead of only at the node level. This has allowed us to scope down permissions to an application level instead of the Kubernetes cluster, making it more secure and much closer to a full zero-trust solution.

Entra has helped us fight token theft. We almost always use short-lived tokens, which help us address many of these challenges. They still exist for certain use cases, but they've been drastically reduced due to our ability to use short-lived tokens.

We have never had an identity-related attack because we're lucky. However, that's just a matter of time until we do in this industry. Not having them before does not mean that we're not better protected now

The automation aspects of Entra ID could be improved, particularly when automating through different providers and SDKs. It's somewhat clunky to automate ID management, but it's great once it's set up. I would also like to see better Terraform support. 

I have used Entra ID for the last three years.

The stability has been great. I haven't had any issues.

The scalability is great. I've hit no issues in terms of scalability.

I rate Microsoft support 10 out of 10. Microsoft customer service is the best in the industry. There are immediate answers to any issues that arise with great knowledge and a deep understanding of the product and business needs.

Positive

I've used multiple solutions in the past, including Google authentication and Okta. I switched mostly to consolidate and for a better feature set that integrated better with the rest of our Microsoft products.

The setup is one of the easiest I've seen in the industry. It's very easy to onboard.

We used ourselves since we're an integration company.

We have seen a return on investment. We already have Entra ID, and like many customers, we haven't used it to its fullest potential. We get a return from not needing to pay other vendors to do what we already had from Microsoft, which was better than the competition.

We evaluated Workspace ONE, Google, and Okta before switching.

I rate Microsoft Entra ID nine out of 10. Without good Terraform support, it will stay below a 10, but everything else is so great.