Microsoft Entra ID Reviews

Microsoft Entra ID is used to control access to our environment.

Microsoft Entra ID has been most beneficial in the realm of IT management, although not significantly impactful on user experience. Microsoft Entra ID is not solely for user management or enhancing user experience. Rather, it greatly aids in constructing operational processes for IT management, as its capabilities extend far beyond user and access management. In terms of refining user experience, it certainly contributes to areas like authentication, particularly in diverse authentication methods and device-based authentication. 

The best thing about Microsoft Entra ID is the ease of setup.

If we're highly experienced or dealing with intricate scenarios, Microsoft Entra ID might not be the most suitable solution. In my opinion, it resolves the majority of cases, but it lacks comprehensive management tools for access control. I don't consider it the premier tool for user or identity management. While it covers many aspects, we'll need supplementary tools to effectively manage access rules. This deficiency is quite significant. To make it viable for a large organization, substantial additional development is necessary.

Microsoft Entra ID provides a way to manage user access, but it's not an effective tool for access management due to its excessive complexity. This is primarily because the process needs to be performed manually. Therefore, it lacks a user-friendly interface where we could define all access rules and scenarios comprehensively.

Zero trust is not easy to set up, especially for large organizations. While it could be implemented for smaller organizations, the extensive manual configuration required makes it impractical for larger enterprises.

Microsoft Entra ID's impact on access and identity management is relatively limited.

The single interface for managing permissions, permission rules, or conditional access policies needs to be significantly more user-friendly. While it remains functional for IT departments, it is not particularly user-friendly for end users. There is considerable room for improvement in this regard.

Microsoft Entra ID offers various features, but its setup and utilization are quite complex due to the lack of a user-friendly interface for end users. Unless we allocate a significant budget and a substantial workforce to configure it for end users, making it usable remains a challenge. Moreover, even with these investments, the cost of using Microsoft Entra ID would become prohibitively high. Thus, it's evident that the platform lacks the necessary functionality to provide a satisfactory end-user experience. 

I have been using Microsoft Entra ID for eight years.

The solution is stable. I have not encountered any stability issues.

Microsoft Entra ID is scalable.

I have had a positive experience with technical support. Additionally, if we opt for premium support or possess varying levels of support agreements with Microsoft, we can access excellent support.

The deployment is quite straightforward. It's truly uncomplicated from an IT perspective to utilize Microsoft Entra ID. It's not overly intricate in that aspect. However, when we delve into end-user scenarios, and the management and configuration of conditional access policies, permission management, and other similar aspects, it does introduce a certain level of complexity, naturally.

Microsoft Entra ID service can be quite costly due to its hidden expenses linked to usage. This cost ambiguity arises from our inability to accurately project expenses prior to implementation, contingent upon the specific features employed. The expense is particularly notable if we intend to utilize it for comprehensive identity management. Nevertheless, alternative budget-friendly identity management solutions are limited within the current market landscape.

There are no additional costs for maintenance because most of the parts are cloud-based and managed by Microsoft. This means we can't manage it ourselves. However, if we had a private cloud with Microsoft Entra ID, for instance, then we could manage our entire cloud ourselves. This would allow us to have good control of the costs. But there are many small components in Microsoft Entra ID. So, when we are planning to build something with Microsoft Entra ID, we might struggle to understand the total cost for the users. It's difficult to comprehend all the necessary pieces we need to purchase to construct a scenario. Only after we have designed this solution, we will be able to see the complete cost. Unfortunately, there are numerous hidden costs in Microsoft Entra ID that I am not particularly fond of.

If we consider the top three or four management tools, they offer numerous out-of-the-box features for connecting to HR sources. Furthermore, we have a straightforward method for establishing access policies based on our HR data. In my opinion, competitors hold an advantage over Microsoft Entra ID.

I would rate Microsoft Entra ID eight out of ten.

We can achieve a great deal with conditional access policies; however, using the interface itself is quite cumbersome and not very user-friendly. Consequently, there are very few tools currently available that offer a well-designed user interface for managing access policies. This is consistently a highly intricate scenario.

Based on my experience, Okta functions primarily as a solution for managing customer access or customer identity, rather than being the conventional method for handling business or corporate identities. It's more focused on robustly managing customer identities. However, in my previous procurement roles, it has never been selected as the primary option. This could be due to my limited exposure to customer identity management. Thus, I find it challenging to draw a direct comparison. On the other hand, Microsoft Azure Active Directory can certainly serve as a customer identity management solution and is comparable in this aspect. However, the comparison doesn't hold true for user identity management.

The maintenance is controlled by Microsoft because the solution is on their cloud.

Organizations should refrain from exclusively using Microsoft Entra ID for all identity and access management scenarios. This is because relying solely on Microsoft Entra ID necessitates creating additional components ourselves to address aspects that cannot be readily addressed using the default Microsoft Entra ID setup. We are required to construct these components and establish phases for end users, as Microsoft Entra ID does not encompass all these functionalities. A more effective approach could involve integrating Microsoft Entra ID with another product, such as SailPoint. This combined utilization would likely result in a robust identity management solution. It's important to recognize that Microsoft Entra ID alone cannot adequately address all our scenarios.

We use Azure AD which enables our customers to remotely access the shared machines within their office, allowing them to work from any location.

Our primary customer transitioned from using a local cluster to utilizing Azure. They initially utilized Hyper-V and have now combined Azure AD with SharePoint Office 365. This new setup has proven to be much more convenient for them compared to their previous local arrangement, which did not work well. With Azure AD, I was able to exert greater control over the content on their machine.

Azure AD saved time for our IT administrators and HR departments, particularly when they need to reset their own passwords or grant permissions to other people within the group by themselves. This saved around 60 hours in total.

Azure AD helped save around 18,000 euros.

Azure AD significantly improved the employee user experience in the company by providing them with enhanced accessibility to their information and facilitating seamless login and logout from their machines while working from home. This is a significant shift from the previous system that relied on a local username and VPN connection and was limited to a fixed cluster.

The most valuable feature is the ease with which a person can log in remotely using only a password or pin without creating a profile or policy.

The permission management is a mess because it is not centralized, especially when we go back from Azure, which is quite big to SharePoint. This is not really well done and has room for improvement.

I would appreciate it if Azure AD could provide an option to simplify its interface by removing unnecessary features for small companies with a maximum of 50 users. This would make it more user-friendly for our customers who find the current interface overwhelming due to its numerous options.

I have been using the solution for almost 12 years.

Azure AD is a stable solution.

Although Azure AD is intended to be scalable, we have not yet verified its scalability by adding more users.

The initial setup is straightforward. The deployment required around six hours. I only had to import to write the existing users into Azure.

The implementation was completed in-house.

The solution can be cheaper.

I evaluated Google Workspace but I prefer Microsoft.

I give the solution a nine out of ten.

The only maintenance required for Azure AD is to modify certain parts on Windows by using policies.

The usefulness of Azure AD depends on several factors such as our intended use, the current system, the number of users, and organizational size. While Azure AD is an excellent choice for larger companies, it may not be beneficial for individuals.

The primary use cases are task tracking and technical documentation, but I'm a project manager, so I also use the product for other jobs.

We have around 15 total users, with a couple of admins.

The boards for task tracking are a valuable feature. 

Azure AD is a turnkey solution; it provides many features for developers to use in one place.

Many of the features are outdated, so the UI and UX could be improved. 

The wiki is hard to use as it's more of a repository for technical information, but when I'm writing a PRD, I need more tools for writing. 

It would be good if the UI were more visually appealing, as it looks dated compared to other products on the market. It works fine for the dev team, but the navigation could be improved, especially for managers.

I've been using the solution for around two years. 

The stability is okay overall. 

The product is highly scalable; it's enormous and has many features.

I previously used a variety of solutions for task management, including Asana, Teamwork from Microsoft, Jira, and so on. 

I wasn't involved in the deployment; the solution was already in place when I arrived. It doesn't require any maintenance that I'm aware of. 

The product is relatively affordable, especially compared to Okta, a pricey solution.

Azure AD helped save my organization money, as it's a turnkey solution for dev management, though I can't say precisely how much as I'm not involved in the financial side.  

I rate the solution six out of ten. 

I don't use Azure AD's Verified ID, but I'm considering an identity management solution. I'm hesitant about which one to choose, and the choice is between a product from Okta and the one from Azure AD.

I use the Permission Management feature, which I look for when choosing an identity management product, but I'm still in the research phase with this feature.

Most of our staff are okay with the quality of the end-user experience within our organization, but it could be more comfortable to use for managers. It's a challenging solution to implement for every department or team because not everyone likes the UX, and it's pretty outdated when it comes to product document writing. I had an unpleasant experience when we had a power cut, and I lost two pages of documentation, as there is no autosave feature. This is important from a manager's perspective but less so for developers.

For those considering the solution, talk to your dev team to determine if it covers their needs. If so, use it, as it has many features and is very scalable.

I use it to access my work applications. When I install Microsoft Teams or Outlook, or I want to access my work applications, I authenticate myself using Microsoft Authenticator.

During the pandemic, one of the challenges for organizations was how to secure their IT networks. People were working remotely, and some of them were working from the remotest locations. It gave confidence to the organization that only the right person was getting access to work applications.

It also improves your customer experience or employee experience. You don't have to rely much on servers. 

Being able to easily authenticate yourself on the MSA app is valuable. It is easy to use. Rather than receiving a code in an SMS, you can just verify that it is you. You don't have to punch in any password or any six-digit code. That's the feature that I like the most.

It does give you the confidence that no one else can access your details or can have access to your account because it does add a second layer of security. Even if someone hacks the server where my details are stored, unless and until I authenticate myself on MSA, even hackers won't be able to get into my account.

It works absolutely fine from the login perspective. You can also configure it on third-party devices, and it works pretty well. I haven't faced any issues from the login point of view.

They can improve how people manage their accounts. They can simplify and provide more information about adding or updating a phone number or email id in the MSA account. A lot of time users do get confused about where to go. For example, if I've changed my mobile number, where do I go and change my mobile number in the MSA account? A lot of time, employees think if they change the phone number in the HR database, it'll automatically get changed on the MSA account, which is not the case. Microsoft can simplify that and add these questions in the FAQ documents as well. They can provide more clarity about how it is different from your organization's database.

Voice recognition could be added going forward. With a smartphone, such as iPhone, as well as with Windows Hello for business, you already have facial recognition. Voice recognition is something that could be added going forward, especially for people with special needs.

I have been using it for a year.

It is quite stable. Coming from Microsoft, you don't question the stability factor at all. I have Microsoft Authenticator installed on my phone, and even when I switched organizations, I could simply add my new workplace email id, and it worked absolutely fine. It is quite stable, and it gives you a good user experience.

Scalability-wise, it is quite good. We were rolling it out to 150,000 people across the globe and different geographies. One of the good things is that Microsoft doesn't need any introduction anywhere. In terms of user experience, it is right up there. It is also right up there in terms of how different work applications align with it. I would rate it quite high.

Technical support was good. We didn't have to rely on Microsoft's technical support big time because the solution worked very well overall. We had our third-party technical support team involved as well.

Positive

Before Microsoft Authenticator, we used Okta Multi-Factor, and prior to Okta, we were totally relying on passwords, which was obviously very risky. 

We switched to Microsoft Authenticator because when you implement the whole Microsoft 365 suite, especially in a large organization, all the work applications sync pretty well with Microsoft, and you already have a good relationship with the vendor. 

It was initially on-prem, but later on, we shifted it to the cloud. When I joined the organization, it was already on-prem, and I helped to shift all the data from on-prem to Azure cloud. The process was a little complex. We had a few on-prem issues, and we had to redo the capability testing to check if those issues will arise on the Azure Cloud as well. It was complex because we were again asking some of the users who had changed their phone numbers to go and re-add their phone numbers. If they had the same phone number, it would have worked fine, but if they had changed the phone number, once it is shifted from on-prem to Azure Cloud, it wouldn’t have worked anymore. So, they had to re-add their phone number. The challenge was to identify those users and convince them to redo the activity. This switchover took about two quarters or six months.

We had a team of about 7 to 10 people from project management, change management, IT, and global IT teams. We are a massive organization. It was being rolled out to 150,000 people across the globe.

We did pilot testing across different functions and across different geographies. That's the standard practice that we follow in our organization.

We have seen an ROI. We were able to secure our IT networks by more than 80%. More than 80% of the audience did subscribe to MSA and used it for logging into their work accounts.

It took us two to three months to realize its benefits from the time of deployment. We did run a pilot batch. We were trying to customize the solution according to our network. Within a quarter, we were able to identify its benefits.

I'm not totally aware of the pricing and licensing, but I do know that the pricing and licensing must be quite balanced. We are a pretty old client of Microsoft, and MSA is just one of the services we use from Microsoft. There's a whole Microsoft 365 suite that's implemented as well. I'm sure it is something that is acceptable to both parties.

We were totally relying on Microsoft. We didn't evaluate any other vendor.

To those looking to evaluate this solution, I would advise doing proper pilot testing to iron out any hurdles later on. It is important to take a call on whether you want to adopt the on-prem model or the cloud model. Obviously, the on-prem model is not sustainable if you're trying to secure your IT networks. The cloud model is more sustainable in that sense. I would advise taking that call right in the beginning.

I would also advise considering how to secure third-party devices. There might be third-party contractors who don't have the company laptops, but they do have company email ids to log into the company accounts from their own devices. You should work out how you are going to add those devices to the secure cloud.

I would rate it a nine out of ten. In the next version, if they can come up with voice recognition, especially for people with special needs, it will be helpful.

We use it for various things in the organization:

1. Provisioning access to systems in the cloud for either internal teams or our partners' external teams. 
2. We use Azure AD for Windows device management with Azure AD Intune. We use them for the management of devices. We have company devices, laptops, or tablets all using Azure AD. 
3. Within Microsoft Azure, we use various services, e.g., Office 365, for granting the right level of access to the right people.

I am directly involved in the project. I know what is happening and being done by developers. I have also done some hands-on work in a test environment, using my own account, just to learn.

In our previous organization, we had to give continuous system access to users from external teams, who were not employed by our organization. This solution certainly helped with provisioning access to them, providing them with single sign-on access. It also monitored giant movers and leavers, which was helpful. 

Azure AD has massively affected our end-user experience. It provided a single sign-on for all our partners. They don't have to remember their password. They might be accessing 10 of our systems and don't really need to remember all 10 different user IDs and passwords. In most of cases, they are accessing our systems with their own organization's identity, so they don't need to remember a second user ID and password in addition to their organization's credentials. Requesting access is much better since it is all automated.

Their connection to the on-prem AD is a strong point. A lot of organizations already use on-prem Active Directory. That easily lends to using Azure AD compared to other providers. 

I like the automated provisioning of access, either for internal teams or external teams.

It has things like conditional access. For example, if someone is accessing sensitive information, then we could force them to do multi-factor authentication. Therefore, we can stop access if it is coming from a location that we did not expect. 

Compared to what we can do on-prem, Azure AD lacks a feature for multiple hierarchical groups. For example, Group A is part of group B. Group B is part of group C. Then, if I put someone into group A, which is part of already B, they get access to any system that group B has access to, and that provisioning is automatically there.

Geo-filtering is not that strong in Azure AD, where we need it to identify and filter out if a request is coming unexpectedly from a different country.

I have been using it for five and a half years on multiple projects.

It is very stable. In the last five years, we only had two major incidents on Azure AD. This is key for Azure services. If your Azure AD is down, then it brings down a lot of other services within Azure. 

It is very scalable.

My previous organization, which did power plant construction, had hundreds of partners at any time and about 10,000 internal staff. 

The product is extensively used. Many times, we have changed the way that we design based on new features introduced by Azure AD, so that drives what we do and how we design. Therefore, if they introduce a new feature, we send it straight on to be researched, then determine where we can use it. 

I am not directly in touch with technical support. I have never been on the other end calling Microsoft for technical support.

We didn't use another solution prior to Active Directory, which has been in place for a long time (20 to 30 years).

When we started using this feature, it saved time when provisioning access to users. Critically, it removed access to users who did not need access to the system. That was a significant improvement. Time-wise, we saved about tenfold. Its day-to-day maintenance is also much easier than without it.

We chose Azure AD when going to the cloud. It was key for us to maintain security within the organization. I don't think we could imagine securing our cloud without identity management as strong and rich as Azure AD. It is a key player in anything that we do on the cloud to secure resources and a critical element that determines our security.

I have set up test environments. The setup is easy, not difficult at all. This is one of the solution's strong points.

A lot of people already have on-prem Active Directory. It is a natural step to extend it to Azure.

Compared to other products in the market, the Azure AD deployment is the fastest. Depending on the size of the organization, it could take weeks or months to deploy.

For an organization of 10,000 users, there might be a team of five to six people supporting AD for day-to-day things.

Pricing-wise, they offer a stepladder approach. You can start with the lowest level features, then start increasing based on new requirements.

I have not really tried any other products, so I wouldn't be able to compare it with other stuff.

Start small, then expand it. When your organization wants to add Azure AD, you can try it on a smaller scale first.

I would rate it as eight out of 10. I am unfamiliar with other products in this market. That is why I am compelled to give it eight out of 10.

We use this solution to authenticate to the portal. There are also some VMs that are not domain-joined, so we use Azure users that we create natively in the portal.

We also use it for our applications. The accounts that we create natively in Azure are used for application authentication.

We have a hybrid deployment model where some accounts are primarily native in Azure, whereas others are on-premises. We also have accounts that are synchronized between our on-premises servers and Azure.

Azure AD has features that have helped to improve our security posture. We have a service called Azure AD Privileged Identity Management, where instead of our administrators having permanent access or permanent admin assignment, they can now activate admin roles only when they need to perform administrative-level tasks.

This means that instead of using permanent assignments, our administrators activate the specific roles that they need at the moment that they need them. After the task is complete, the administrative access expires. This has definitely improved our security posture.

Using this product has also had a positive effect on our end-user experience. The self-service password reset is something that has definitely improved our end-user experience. Instead of having to call our service desk, users can now reset their own passwords.

This is important because due to our multi-factor authentication, we no longer have policies where we have to have periodic password changes. We have three and four-factor stages of authentication, which makes our logins more secure. This is why users don't have to change or reset their passwords on a regular basis.

One of the ways that Azure AD has improved the way our organization functions is to help cut down on service desk requests. If I have an issue with my password, in the past, I would have had to log a ticket with the service desk. With most of us working remotely, this would've posed a challenge. It would have required the service desk to verify that I am who I say I am, for example. Now, because users set up their own profiles and are able to change passwords for themselves, at any moment that their account is compromised, they're able to change their own password.

Overall, this solution has definitely improved our organization's security posture. We no longer have permanent administrative permission assignments, and we are also able to restrict who is able to log in to certain applications. Finally, we are able to see and review any risky or suspicious sign-ins.

Specifically, in the infrastructure team, we now have managed identities. Instead of having to create service accounts, we have managed identities that are directly linked to our resources that support them. All of that is managed by Azure Active Directory.

Another way that this solution has improved how we do our work is that we no longer have to keep a record of all service accounts or use one service account for multiple services. Now, each service that supports managed identities can have its own service account, and that is managed by Azure AD.

The most valuable feature is the conditional access policies. This gives us the ability to restrict who can access which applications or the portal in specific ways. We are able to define access based on job roles. For example, I'm primarily in the infrastructure team and only certain people should be able to connect to the Resource Manager. We can also define which IP addresses or locations those people can connect from before they can access the portal.

If your organization requires additional security then the subscription will be more expensive.

I have been using Azure Active Directory for approximately five years, since 2016.

In terms of stability, Azure Active Directory is definitely an improvement from what we used in the past. I'm happy so far with the offerings and we hardly ever have any service disruptions.

We have a lot of different people using this solution. We have normal users and we have administrators. It's a large organization.

So far, I've been happy with the technical support.

There are very few service disruptions and also, because of our agreement with Microsoft, we are able to get escalated support.

We hardly ever have any downtime. When we do need support, it's normally escalated and our service is restored in a reasonable timeframe.

I would rate the technical support a nine out of ten.

Prior to this solution, we used the on-premises version of Active Directory.

The switch was part of our cloud migration strategy. For us to be able to use our apps and workloads in the cloud, we had to have Identity Management as part of our migration scope. It's linked to our cloud migration strategy.

I was not involved with the initial setup but I assume that it was not complex because we have Microsoft consultants assisting us.

We specifically work with Microsoft directly. We don't use a reseller or service provider. All of the assistance that we get is directly from the vendor.

Our technical team is responsible for deployment and maintenance. I'm not sure how many people are in that team. Somebody from security is involved, but I'm not sure what other roles are required for maintenance tasks.

We have definitenly seen a return on investment from using this product. We have seamless authentication, quicker response times, more robust security, access from anywhere without having to set up VPN links, and federated models.

If we had similar services on-premises, I assume that it would be expensive, especially given that we used to have a perpetual licensing model. Now that we are able to have a subscription-based service, it has not only improved our security posture but also cut down on costs.

My advice concerning the pricing and licensing would vary depending upon the stage of maturity of the organization. I've been with companies that are using the Office 365 license for Active Directory, whereas others are able to use the free version of it.

For organizations such as the one that I'm at now, where we require more security and have services like the Conditional Access Policies or Privileged Identity management, you have to upgrade to a higher level of the solution.

I'm not sure about the specific costs or how they're calculated, but essentially, the costs go up based on the level of security that is required by the organization.

I can't say for certain what our future plans are for Azure AD but I see it being used long-term. It has helped our organization to grow because of what we are able to do. Also, it has greatly improved our security posture because of the services that are available.

I would rate this solution an eight out of ten.

We used Azure AD for a role-based customer access mechanism. We implemented a single tenant, single sign-on for users of the application. We gave them a sign-on feature with OpenID Connect.

Previously we had to manually create the authentication server, but when we used Azure AD, we got the server directly from Azure. I didn't have to design the server.

We were also able to filter on the domain for the client I was working for.

In addition, we used Azure AD's Conditional Access feature to enforce fine-tuned and adaptive access controls. That was pretty useful because we didn't have to do much because we had attributes like authorized tags. And we configured scope, meaning who can access what, in the manifest. It was not very complicated.

And Azure ID has definitely helped save us time. Earlier, we had to depend on the infrastructure team, a different team, to manage the Active Directory permissions. But now, most of the time, the developers have access in the portal. It is saving us about 40 percent of our time.

The most valuable features of Azure ID are the single sign-on and OpenID Connect authentication.

Also, it was very nice that the documentation, the articles and help, on how to implement what we were trying to do, were available freely on the site, making it easy to develop. We did two or three sprints because things worked. Most of the time was spent on development and testing. But the deployment was easy.

Maybe I don't have enough experience, but when you fix the rules and permissions, working directly on the manifest, you really need to have in-depth knowledge. If there were a graphical user interface to update the manifest, that would be good. For example, if I want to grant access to HR versus an admin, I have to specifically write that in the manifest file to create the various roles. That means I'm coding in the manifest file. A graphical user interface would really help.

I have been using Azure AD for two-plus years.

The stability is 95 percent. We don't have any issues with it.

Of course it's scalable and that's why we choose the platform. We only have two regions in the load balancer. We have not gone beyond that, so we have not faced an issue.

We deployed it in multiple locations for our customer.

We haven't contacted Microsoft support.

I have played a small role in deploying Azure AD, but I have not been involved in the migration process. Overall, the deployment is easy. It took us 20 to 25 days, including fixing issues. That was normal, nothing unusual.

Regarding maintenance, the team I'm on does application maintenance. For Azure, we have a cloud admin who looks at the Azure portal for things like billing, access management, and admin work.

Some people use SAML technology for single sign-on. Although I haven't used it, it seems a bit complex. I started working directly with Azure AD OpenID Connect to a single tenant, or Azure AD B2B or B2C, and it was very smooth. It was not much of a challenge. Most of the complex things are taken care of by the Azure AD login. Usually, you don't need to do a deep dive into what is happening internally. 

Microsoft is like a "hovercraft", as opposed to scuba diving. With Microsoft, you can use the "hovercraft". Without touching the river you can cross it.

I have not explored many other competitive products, like GCP or AWS. I am a supporter of Microsoft products.

With Verified ID, things were secure. In recent news, there has been some hacking due to some developer using an email ID as opposed to OpenID, but our team did not use email IDs. Even if we were using email IDs for single sign-on, the user still needed to sign up with a password, so it was not possible to impersonate someone else.

The user experience, the interface, is very smooth. We have never had any problems with the single sign-on.

When applications are hosted on Azure, you should use the advantages of Azure AD.

We primarily use the solution for our AD. Azure AD and Microsoft Entra ID are basically the same, they are currently rebranding. I basically manage users and permissions.

It's made it easy to manage our users. It's also easy to deploy across the company. It pulls over the Exchange and does everything together in one go. You just have to get the licenses.

The login process is easy. It's very user-friendly for users. We can check the logins and handle user management. It's quite simple and easy to use.

It provides a single pane of glass for managing users and access. It's easy for users to handle multiple devices. It makes the sign-on experience better. It can easily teach users how to use the authenticator app.

I'm able to get reports on the database to help give visibility to security. I don't handle security, however. I'm there for support. People can use the data to perform investigations. 

The ID is quite useful. The Azure ID admin center can manage all identity access tasks across an organization. We can easily set up users. It's something you need in every company. Most of the basic stuff is done for users.

The Verified ID is useful for authentication. You can set it in your privacy settings. 

The solution has helped us save time.

The experience overall has been good for employees when they need to get an ID. If you need an extra license, it's just a matter of clicking one button.

We'd like to be able to link to non-Mircosft products, like Linux. There isn't much open source that links up with Azure. Most open source, however, can link up with AWS.

I've been using the solution for four years now. 

The solution is stable. it's dependable. 

We have about 100 users on the solution. 

It's easy to scale up or down. It does what it needs to do. You can always edit or delete resources as well. 

We haven't had any issues. Therefore, I have not really dealt with technical support. 

Positive

I was also working with Microsoft Active Directory on-prem. I'm new to this company; I've worked with other things in other companies before. 

I've used Okta in the past. I find the Azure pricing more user-friendly and I find it's better in terms fo team collaboration. For example, with this, you can also implement Microsoft Defender which can help you monitor users as well.

We have it deployed to the cloud; it's too expensive to maintain on-prem hardware. 

I was not directly involved in the deployment of the solution. 

Only two people have to maintain the product. 

The pricing is expensive. It's in US dollars. I'd rate the affordability of pricing six out of ten. 

I'm not sure if the company evaluated other options. 

I'd rate the solution eight out of ten. My advice would be to stay virtual and not on-prem or you'll have to pay more.