Microsoft Entra ID Reviews

We're using the solution for our customers. It's for those that may have been on-premises and moved to the cloud when it started to become mainstream. Users wanted to transfer their users and permissions and so on to the cloud and onto Azure.

Azure is the most comfortable cloud to work with. One company we worked with had infrastructure that needed to go to the cloud, and with Microsoft, it's very easy to move. The company is flexible in terms of how you want to handle a migration or configuration. There are a lot of features that help to implement different solutions and that makes it very easy to work with. 

We are using the solution on different projects. Depending on the project, we use different features. It's great for handling user groups and security policies.

We can use it with Office 365 and Exchange. 

It provides a single pane of glass.

It's given us good consistency in terms of the user's sign-on experience.

Microsoft makes a very good product. It makes the policies quite easy and everything is quite understandable. It provides different tools to implement the same scenario.

The admin center for managing all identity and access risks across an organization is very cool. 

Verified ID is very useful for onboarding remote employees. It helps with privacy control of identity data. It makes security very easy. It makes it simple to protect the client. This feature helps IT and other teams protect the business.

We used permission management about a year ago. I had some experience with AWS. I didn't use GCP. Mostly we use Azure. In our case, when we implemented it with the current client, we didn't have any issues with it. It was clear and very simple. It has helped us in a few cases reduce risk when it comes to identity permissions.

Sometimes the client doesn't need the full functionality; they just need a small part of it - and it still works in those cases.

The product has helped us save time in IT and HR. If you create your directory with some logic, it allows you to streamline tasks. It can help more quickly handle requests. The management aspect helps simplify user interactions with various departments.

Azure has very good services that showcase how much money you are spending. It gives you advice on how to protect yourself from spending too much money. It's helpful when we have new clients. You can show them the financials from Microsoft and it will help illustrate how much it costs, and how much it will cost if you scale. It's very transparent on how much money you would spend depending on the setup. 

It's had a positive effect on the employee user experience. 

Sometimes it is difficult to understand the structure of the menu. Sometimes they make some changes in the configuration structure and you might have trouble finding a button or some functionality based on a UI update. That can be annoying. Too many interface changes can make it confusing. 

The documentation could be better. Microsoft documentation is confusing. We do not like working with documents. There is not one big website where you can find whatever you want. Instead, there are thousands of websites that cover certain parts or services. On top of that, they often have old, out-of-date information that hasn't been checked. This is the most difficult part of dealing with Microsoft. 

I've used the solution for almost four and a half years.

The solution hasn't had any downtime. Everything works perfectly.

We've had some issues with performance around scalability. When we tried to deploy in certain areas, we didn't have enough scalability. This was an unusual situation. Typically, scalability is not an issue, however. 

Sometimes we contact technical support, however, not usually during the initial setup. We tend to fix any issues by ourselves. 

Microsoft has different support teams in different countries. Who you speak to depends on what service you are using.

Automatically, your request is sent to a certain team or location. We have had a lot of issues with the Azure DevOps team, which is routed to India and the level of support is much lower. We had to have multiple calls to close a very simple task.

Positive

I have not used any other different solution previously. 

I was involved in the initial deployment. The setups are always complex. 

How long it takes to deploy depends on the client. We've done it in two days or one week. However, the main work is typically done across two days.

We tend to have two to three people involved in the implementation. 

It doesn't require any maintenance on our side. 

Typically, we always do the setup by ourselves. We handle the setups for the clients. We sometimes ask Microsoft for input.

Microsoft has various pricing tiers. 

I've read about Okta, however, I have never used it or evaluated it.

We are a Microsoft gold partner. 

I've used the conditional access feature, however, not very often.

If your company has more than ten users, you need this service. It gives you a lot of features to help manage your organization. A small startup with a handful of employees likely won't need it. However, if you have an organization with a financial department, a developer department, et cetera, it will get complicated handling access and permissions. Without this solution, you can't be sure you'll be safe - especially as you scale up your employees.

We use different models, including on-premises and cloud.

If you are a regular user, you don't need any special knowledge. However, if you are a technician, you can take exams from Microsoft and find materials about the product and really learn about it. That said, anyone can get a sense of the product simply by searching for it on YouTube.

I'd rate the solution nine out of ten. 

We use the solution for sign-on authentication to our devices.

During the pandemic, we were able to smoothly shift our employees to work from home. Azure Active Directory played a crucial role in ensuring the security of our systems by verifying the identity of the authorized personnel logging in.

We started using Azure Active Directory because it helped our IT administrators and department save time, which was one of the main reasons.

Azure Active Directory saved our organization money.

Azure Active Directory significantly enhanced the user experience for our employees. We observed a notable increase in employee usage and positive communication regarding their experience, particularly after the pandemic.

The two-step authentication is the most valuable.

I would like to have an additional security option to prevent spam.

The price has room for improvement.

I have been using the solution for five years.

The solution is extremely stable.

The solution is highly scalable. We are a school district that is compromised of seven schools. The solution is implemented in multiple locations, and we have over 200 employees and 1,600 students.

The technical support is good. They are always responsive and provide quick resolutions.

Positive

We were using Office 365 but all of the employees started to use their personal emails which affected security so we added Azure AD.

We obtained certification for the deployment of the solution. Microsoft provided a document outlining all the deployment rules and steps, as well as a planning team that provided instructions for all email templates. The deployment required three people.

The implementation was completed in-house.

We have seen a return on investment using Azure AD.

We are currently on the education plan, so the price is slightly better than the development plan. However, I believe there is room for even better pricing.

We assessed Google Cloud Identity but ultimately chose Azure AD due to the Microsoft product familiarity among our team. We believed the transition would be smoother, which has been confirmed. Moreover, since not everyone was using Gmail, it would have been challenging for them to learn a new system. However, at that time, everyone in our school was using Microsoft products.

I give the solution a nine out of ten.

We have a full-time IT staff and part of their role is to maintain the solution.

Azure AD is an excellent and highly stable product. Its user interface is intuitive for those who have prior experience with Microsoft products. With some training, deployment can be carried out successfully. Our deployment experience was hassle-free, but the pre-training we received proved to be very helpful.

We use it for the single sign-on to different products that we have, and it works pretty well.

In general terms, we use it as an admin tool. If we want to set up accounts for people, it's easier for us to do it like this because everything is connected to different groups.

It's a very intuitive platform. It's easy to create groups and add people.

I have used Okta in the past. Okta is easy to use, and it's also very friendly. Even users who have no tech experience would be able to use Okta.

When it comes to Azure, creating certain things or getting different resources isn't very clear. You need a certain level of knowledge of the system. It could be a little bit more friendly so that some of the things can be done easily, but after everything is created, it's easy to use.

I've been using this solution for five years. In this company, I've been using it for two years, and before that, I used it for about three years.

It's good. It has never hung up.

They're good. We don't have issues with scalability because we are not like Amazon or other companies that are super huge and have got tons of traffic.

I don't handle it directly now, but based on my previous experience, they're pretty fast. I'd rate them a 10 out of 10.

Positive

There was probably the Google management system, but it works similarly to Azure AD. 

I was not involved in its deployment.

In terms of our environment, it's a private cloud. We have the infrastructure within the platform, but all the software, all the usage, and other things are handled by us. We're private because we're a big company, so we're able to afford it. We're not an IT company, so we don't need so much processing power. So, we use Azure as a PaaS solution.

We use it as a connector for different applications. We have Adobe Sign and applications on AWS. AWS has a translation solution, and people have accounts over there. They have their translations of different products and things like that. That's how we use it.

In terms of maintenance, everything is done by Microsoft. We are just the end users.

The return on investment is easier to calculate with Okta. It's a bit complicated to calculate in the case of Azure. Of course, Azure is already a trusted platform. It's pretty big, and it's handled by Microsoft, so there are no issues with that, but it's easier to check the return on investment with Okta.

I'd recommend Azure Active Directory if you are a big company. For small or medium companies, it's probably not the best idea in the world because of the pricing. If you are a small company, you can probably deploy your own solutions because you're not handling a website with tons of traffic. If you are not like Adidas, Nike, or Walmart, you can do it in a way that is more localized than handling everything through a big price solution. However, Azure tends to provide you with solutions that are easier to use. If it was cheaper, I'd definitely recommend going for it.

I didn't evaluate any other solution. 

I'd rate Azure Active Directory a 10 out of 10.

There are many use cases. The main use case is identity synchronization to on-prem with AD Connect. Another main use case is related to conditional access. Automated licensing is also one of the use cases. 

It is also used for identity access management with specific workflows, rules, etc. Permission or role management for applications is another use case, but I have never used that in production. I have demonstrated it to multiple customers, but they were not there yet.

The main benefit is that you have one repository for identities. That is very important for main companies. If you have worked with or are familiar with the concepts of on-prem Active Directory, you can easily start with Microsoft Entra ID. You have everything in one area. You have application identities, workload identities, and other identities in one area. It is very convenient and powerful. It helps with centralized identity management. You can also connect with your partner organizations. It is quite powerful for collaboration with your partners, customers, etc.

Microsoft Entra ID provides a single pane of glass for managing user access. It is pretty good in terms of the sign-on experience of users. It is easy to understand for even non-technical people.

With this single pane of glass, we also have a good view of the security part or security policies. From an admin's perspective, we have complete logs of everything that is happening in almost real time. We have pretty much everything we need. In recent times, I have not come across many use cases that could not be covered.

With conditional access, you can make sure that you have control at any time. It is a part of the zero-trust strategy. Any access is verified. You have a very good grasp on identity and devices for compliance. You can manage any issues through Microsoft Entra ID. Most companies I have worked with let you bring your own device, and device management is very important for them. They have a tight grasp on who can connect and which devices can connect to their network or cloud resources.

There have been improvements in the onboarding and the leaving process. It has always been a challenge to make sure that people are given the right access right at the beginning and that their access is disabled at the right moment. Historically, while auditing clients, I could see people who left the company five years ago, but their access was still active. Permission management has been helpful there. It is a nice thing to implement.

In terms of user experience, we have not received any feedback from the users about Microsoft Entra ID, which is good because it means it is transparent to them. It works as expected.

My two preferred features are conditional access and privileged identity management. They are very powerful. I like conditional access a lot. It is an easy way to secure identities.

Privileged identity management helps to control who is requesting access, when, and what for. It gives you a nice overview of what is happening in your tenant and why people are doing certain things. You can easily detect outliers or if something is wrong. 

They can combine conditional access for user actions and application filtering. Currently, they are separated, and we cannot mix the two. I do not know how it would be possible, but it would be interesting.

For permission access, there can be a bit more granular distinction between Microsoft applications. Currently, you have a pack of things, but sometimes, you only want to allow one of the things and not the whole pack. For example, you just want to allow the Azure portal, not the whole experience. However, such scenarios are rare. Overall, I am pretty happy with where we are today. It is always exciting to do new things, but for the customers I have worked with, it covered 99% of the scenarios.

I have been using it since I started using Azure and M365. It has been almost six years.

It is very stable.

It is very scalable. I have not met any limitations, but I do not have clients with more than 2,000 users. 

I have used their tech support one or two times. It is pretty good. I would rate them a nine out of ten.

Positive

I have worked a bit with Okta and AWS IAM, but they are more expensive than Microsoft Entra ID. I last worked with Okta about two years ago. At that time, Okta was more advanced and intuitive in certain aspects.

Microsoft Entra ID is a no-brainer if you already do not have a solution and if you have on-prem Active Directory. If you already have something, then the choice can be different. Microsoft Entra ID works for various use cases because you have connectors with pretty much every application on the planet. You have a lot of possibilities to integrate. You can also integrate with on-prem. In terms of security, there are a lot of features to protect your identity. It is quite helpful and appealing, so if you do not have anything and you are going to use Microsoft technologies, it is a no-brainer. Similarly, if you are a cloud company just starting, and if you choose Azure, Microsoft Entra ID is a no-brainer. If you choose another cloud, you can go for another solution.

I have been working with cloud and hybrid deployments. There are a few cloud deployments, but I work a lot with hybrid deployments.

Its setup is straightforward. I am very used to it now, and for me, it is pretty straightforward. The deployment duration depends on the features that you want to enable. Features such as conditional access require discussions with the customers. Generally, two weeks are enough. You might also have to train the internal team on it, which could take a bit more time.

You do not require too many people for deployment. One or two people are normally enough.

In terms of maintenance, it is very easy to maintain. You might have to add another business case for your customers or simplify something you put in place. You have to be aware of the new features, etc.

Microsoft Entra ID must have saved organizations money, but I do not have the data.

Its price is okay. It is easy to go from a P1 to P2 license. It is not exactly a bargain, but I would recommend the P2 license.

Make sure to use MFA and conditional access wherever possible.

Overall, I would rate Microsoft Entra ID a nine out of ten.

We use Azure AD to implement conditional access when using Microsoft Network (MSN) services. Our infrastructure is primarily on-prem, and we operate our email in a hybrid environment and use the solution for continuity between our on-prem and cloud landscapes.

The solution improved our organization, especially in terms of security control. Overall, we're 65-70% satisfied with the product.

The most valuable feature is Conditional Access, and we use it extensively.

Azure AD provides a single pane of glass for managing user access; we integrated multiple APIs and use single sign-on for all of our Microsoft products. I can't speak in universal terms, but we had some positive feedback from our users regarding user experience.  

We use the Conditional Access feature to enforce fine-tuned and adaptive access controls, an excellent feature we use to enhance the security of all the machines connected to our domain. Users cannot access long-term data, data from untrusted devices, or data on connected personal devices.  

We use Azure AD Verified ID, which is a good feature for privacy and control of identity data; it offers a good level of secrecy. 

We've been using the solution for over six years now. 

The product is stable. 

The scalability isn't an issue; it depends on our license.

We previously used Microsoft's technical support, which was excellent; they were very responsive. Now, we use a CSP, and their support is lacking, so I rate them five out of ten.

Neutral

The initial setup was straightforward, and a partner was present to assist us during the implementation. We have around 250 users, and the solution doesn't require any maintenance.

The product's price is in the midrange. 

I rate the solution eight out of ten. 

Azure AD helped to save some time for our IT admins but not for our HR department, as they don't currently have access to the tool.

I recommend the product to those considering it, though it depends on the use case and requirements. If Azure AD has featured you don't need, then going with one of the cheaper competitors could be a better option.   

We use Office 365 for our emails and Office. As part of that, we have Active Directory on the cloud. We want to safeguard things, keeping in mind the recent upsurge in cyber attacks.

I get a single pane of glass view of all the users. I know who has been registered, who has joined, what their last activity was, and when they logged in. If I extend it, I can purchase Intune from Microsoft and I'll be able to do mobile data management.

Single sign-on is the reason we use AD.

I would like to see a better user interface. Right now, it's not that great. Maybe there could be a dashboard view for Active Directory with some pie or bar charts on who is logged in, who is not logged in, and on the activity of each user for the past few days: whether they're active or not active.

I have been using Azure Active Directory for about a year.

It's definitely stable, a 10 out of 10.

We are a small company so it is scalable, seamlessly. We don't even have 100 users, so we don't have any issues with scalability.

We were previously using Gmail, which didn't have anything of this sort, so we moved to Office 365 which has Azure AD. We have joined the domain controller using Azure AD now.

We were not involved in any deployment. It was automatic. The moment we signed in, we were part of Azure. It was straightforward. We just purchased our license, logged in, and we were automatically onboarded to Active Directory seamlessly.

It doesn't require any maintenance. It's managed by Microsoft.

There is a return on investment for us with Azure AD.

Azure AD comes with Office 365, so we are just paying for the Office 365 license.

We did not evaluate other options because Azure AD seems to be the market leader.

Azure AD is one place where you can manage all users and devices and it's safe and secure.

I have come to depend upon Azure AD as my go-to identity management tool. Almost all businesses today use a Microsoft cloud-based product in some form or another, and integration in Azure AD ensures consistency, compliance, and simplified integration across the enterprise.

Additionally, we use many of the built-in security enhancements and features offered by the solution. Single sign-on and other integrations into a range of line-of-business software applications add to the many use cases available through Azure AD. Along with securely extending the on-premises environment to the hybrid state.

The key improvements to our organization are:

1. A singular control plane is enabling a more efficient administrative process.
2. RBAC simplifies role access providing a simpler approach to zero trust.
3. Onboarding and offboarding extend to every integrated application meaning that compliance is maintained.
4. PIM and PAM: Privileged Identity Management and Privileged Identity Management make controlling access considerably easier and ensure that authorized access is achieved.

With so many features available out of the box, it is difficult to adequately summarise in the space provided here.

I find that integration of enterprise applications outside of Microsoft via OATH and SAML is by far one of the most valuable features as it makes software distribution and access simpler and, with SSO enablement, ensures a lower threat surface from end users.

Azure boasts 90 compliance certifications, and this exceeds that of its competitors. With the compliance manager resource, you can control the company’s compliance tasks from one place.

The tool helps you meet complex compliance obligations. For example, you can undertake continuous risk examinations, provide an outlook on your company’s status and provide opportunities for improvement as needed.

With Azure Advisor and the Secure Score continually assessing your security and compliance posture, there is less need for highly paid security engineers. Especially when considering the size of the Microsoft security operations team also monitoring significant portions of the client environment.

It's really difficult to speak to this. The product is constantly undergoing feature enhancement and enrichment, and anything I would like to see coming is already available for public review.

Azure Active Directory is an easy-to-deploy, robust unified identity and access solution that securely extends your existing on-premise infrastructure to the cloud and provides seamless integration for in-house applications and 3rd party SaaS platforms. Granular policy-driven access controls ensure that access is granted only to authorized identities and devices and from approved locations. Azure AD includes an array of security and compliance options to ensure your business governance is adhered to without impacting productivity.

If I had to pick one, it would be to put the features of P1 and P2 into a single license.

I have been using Azure AD for approximately seven years.

The platform is not without its occasional hiccups, however, in general, it is stable and issue-free.

There are few other identity options available with the scale made available by Azure AD.

Support is hit-and-miss. Some days you'll get someone amazing who has the right knowledge and is willing to go beyond to help. And then there are the other times when help isn't forthcoming.

Neutral

The initial configuration is simple. The configuration process is guided so that even a non-technical person can successfully complete the onboarding.

We use Azure AD to manage users in terms of user accounts and profiles. We also use it to manage applications, access control, and application management.

Azure AD has helped improve the onboarding and offboarding process, especially with the user provisioning and SSO. With Azure AD, once a user account is created, the user automatically gets synced across all of our applications without the admin having to touch each application once at a time.

The solution helped improve our onboarding process by saving us a lot of time.

The feature I have found the most valuable is user provisioning (SSO). Azure Active Directory provides a single pane of glass for managing use cases. 

How it works is once it has all been set up, it allows the user to use the same credential – the username and password – across multiple applications. It creates ease of use for the user as they don't have to keep entering a username and password across multiple applications.

Azure AD allows us to manage the users' access from a single point. In a typical environment, if, for example, a user exits the company and the account needs to be disabled, you would have to go across each application to disable that access. With the Microsoft experience, you just have to disable it from the Azure Active Directory, and then it syncs across all of the applications. Once the account is disabled on the Azure, the accounts are disabled on all applications. The user instantly loses access across all applications without the admin having to go to each application one at a time. When you are offboarding an exited user or an employee that leaves the organization, there's no room for error in terms of missing out or forgetting to revoke an access for a particular application.

I would like to see Microsoft communicate how they intend to manage legacy applications. Right now, you still have to deploy a hosted domain server (which comes at an extra cost) if you have a legacy application that cannot sync properly with the enterprise applications and the modern applications.

I have been using Azure Active Directory for about five years now. 

Azure is stable. 

Azure is scalable. 

Microsoft's tech support is very responsive and really supportive. They will work with you if you have any concerns or if you have any issues. They have experts that will be able to jump on a call with you and assist you in making sure that whatever your concerns are, they all get resolved.

Positive

I did not previously use a different solution. 

The initial deployment was straightforward for me because I already had a pretty good experience managing the on-prem Active Directory. The deployment of the directory itself does not take long. However, it took us about a couple of months to carry out the user creation, create the Conditional Access policies, and to test. You have to test your policies before you go live. We had a lot of design to do in terms of setup, testing, rollout, and setup for each feature that we needed to implement. We had more of a test phase before the go-live phase. That's why it took quite a while. 

We did our deployment in-house. We had three people on the deployment. 

We have seen a return on investment from Azure AD because, first of all, we have been able to use the Cloud infrastructure to bring in more response. Also, it has high availability. We can easily scale it up or down, thereby managing costs. Now, in terms of the Azure Active Directory Office 365, we also have scale licenses where we get to manage the licenses across multiple users, thereby reducing costs of having to purchase one per user.

I would say that Azure AD's pricing is very reasonable because of the structure and in terms of the solution. I can offer this tip for the licensing: if you plan on going to a CSV, you can get a certain level of discounts.

We looked at Google Workspace when we were trying to migrate from on-prem to the cloud. At the end of the day, after analyzing and comparing most of the features that we are going to go with and how it will integrate with our existing system, we found the Microsoft Azure Active Directory to be more effective and better suited to our requirements.

This is how Azure AD stacks up against Okta. Okta is a third-party application for syncing user profiles from on-prem to cloud. However, Microsoft already has a pretty good application for that, which is Azure's AD Connect. It's more or less the same thing as Okta and more effective in the sense that with AD Connect we can actually get to query the user objects in terms of all the attributes to work on-prem and on the Cloud, just the same way you probably do it if you run an LDAP query. This is something you might not get with Okta because of the integration with the Active Directory.

My advice to someone looking to implement the solution is: your in-house technical support needs to understand the technology and your requirements as an organization because Azure is very robust. You need to know exactly what you intend to deploy and the requirements you intend or need. If you have that covered, Azure AD will be simple and straightforward to use. If you are able to plan and manage the users and services, it is really cost-effective.

I have identified that Azure Active Directory has a lot of features that are handy and useful. Microsoft is also constantly improving on it and it has all the required features that my organization requires. 

Azure AD is helpful and user friendly when it comes to managing identity and access tasks. It helps you manage that effectively because you have all the clouds, you have profile creation, you have all the features. Everything is easy to locate and simple to navigate.

Azure AD allows us to improve compliance for enforcing fine-tuned and adaptive access controls. It also allows us to manage access to all the applications in our environment. With it, we can create design policies that either the leader or the identify side from HR has to comply with before a particular user gains access into our environment or into a particular service within our environment.

We use Entra's Conditional Access feature in conjunction with Microsoft Endpoint Manager. We do so because one part allows for full control in the endpoint for managing access on the user and that user as an object, and then the other manages the device as an object.

This combination has the ability to reduce the risk of unpatched devices connecting to your corporate network. It will prevent a user from accessing an environment or a service space via a compromised device. If a user, for example, tries to access our network, service, or environment, via a compromised personal device, this combination will help prevent that kind of intrusion. Also, if a corporate authorized device gets compromised, that's when we find out the device is authorized to access that environment. It also helps to manage and restrict access.

Entra has helped our IT administrators and HR department save time. As a rough estimate, I would say it has cut our costs down by 20 hours per week.

Microsoft Entra has affected our employee user experience by helping to manage the end-to-end communication between user, device, and services by creating a very similar communication and very similar to the experience, which allows the user to be able to connect seamlessly to services and also to the device itself.