Try our new research platform with insights from 80,000+ expert users
Global Head of Identity and Access Management at Adecco
Real User
End users have one password to get into their online applications, which makes for a better user experience
Pros and Cons
  • "It is one of those costs where you can't really quantify a return on investment. In the grand scheme of things, if we didn't have it, we would probably have a lot more breaches. It would be a lot harder to detect issues because we would have people using static usernames and passwords for various sites, making us open to a lot more attacks. The amount of security and benefit that we get out of it is not quantifiable but the return of investment from a qualitative point of view is much higher than not having it."
  • "Some of the features that they offer, e.g., customized emails, are not available with B2C. You are stuck with whatever email template they give you, and it is not the best user experience. For B2C, that is a bit of a negative thing."

What is our primary use case?

It has allowed us to use other SaaS products that will authenticate with Office 365 as well as other Microsoft products and non-Microsoft products, so we can have a single sign-on experience for our users. Rather than them needing to have multiple usernames and passwords, they just use whatever they have as their main username and password to log onto their machine.

It is SaaS based, but we sync up from our on-prem into Azure AD.

How has it helped my organization?

With COVID-19 at the moment, this solution is a good example of where we needed to move a lot of our traffic from our on-prem authentication into the cloud. Last year, before I joined the company, we had to setup our VPN differently. It was easy enough for us to do because our machines were already joined to Azure AD. We just split the traffic and stopped having to rely on our on-prem VPN for our Office 365 traffic. We were just good to go into the Internet because we had all the features setup, e.g., MFA and Conditional Access, which made life a lot easier.

It has made our security posture better. There are always improvements to be made, but we feel more secure because of the way that things have been setup and how everything integrates together.

What is most valuable?

  • Single sign-on is the most useful at the onset. 
  • The dashboards offered are very granular, in terms of usages. 
  • We find the Conditional Access element and Multi-Factor Authentication side of things very useful. 

These features let us have secure, yet user-friendly interactions, rather than having to be embroiled in various types of signups for each application. These allow us to be a lot more granular as well as making sure our environment is more secure. Our accesses and users remain secure too.

Multi-Factor Authentication (MFA) and Conditional Access have helped us be more secure. There is one place where all these features are posted, making life a lot easier. If we were to try and buy these separately, then it would be a painful experience. Whereas, if it is in one product, then all these features talk to each other and it is available for us in one go. For example, when you buy a car, if you buy the steering wheel and engine separately, then you need to make it work altogether. Whereas, you just want to buy a car with everything included, making life a lot easier.

It has made the end user experience a lot better. They only have one password to get into their online applications and that makes the user experience much better.

What needs improvement?

The one area that we are working on at the moment is the business-to-consumer (B2C) element. It is not as rich as some of the other competitors out there. The B2C element of Azure AD is quite niche. Some of the features that they offer, e.g., customized emails, are not available with B2C. You are stuck with whatever email template they give you, and it is not the best user experience. For B2C, that is a bit of a negative thing.

In my previous role, there would have been a few things that I would have liked added, but they have already introduced them. Those are already in the roadmap. 

Buyer's Guide
Microsoft Entra ID
June 2025
Learn what your peers think about Microsoft Entra ID. Get advice and tips from experienced pros sharing their opinions. Updated: June 2025.
861,524 professionals have used our research since 2012.

For how long have I used the solution?

I have been using the product for many years. I have only been at Adecco for six months, but I had experience with it at my prior role as well. Overall, I have used it in excess of five years.

What do I think about the stability of the solution?

The stability is fantastic. It is a big step from using Active Directory on-premise to now moving to something that has been completely rethought in the cloud. It is very impressive and fits into the whole Microsoft ecosystem, making life easier.

We have had some downtime, but I think a lot of that has been unavoidable from Microsoft's side of things. Microsoft made some changes in some instances which caused certain features to be unavailable, like Azure AD became unavailable a few weeks ago. I love that they were very frank, open, and honest as to what happened. However, the bottom line is that we prefer downtime not to happen. 

What do I think about the scalability of the solution?

We have had no problems with it. We are not exactly the biggest organization, i.e., 30,000 accounts. IT makes up probably 5,000 of those accounts, or less. If we were an organization of hundreds of thousands, then we might be questioning scalability. However, I have never known it not to be scalable. For medium- to large-organizations, it is fine. I think it is when you get into multiple companies with multiple complexities then it becomes a struggle. For us, it is more than scalable for our purposes.

We still have many applications that need to be onboarded to Azure AD. Because we are moving to the cloud, there is a lot more that we need onboarded into Azure AD, but it is working well so far.

How are customer service and support?

The technical support is great. We have a dedicated resource who understands our environment. We have regular meetings with them once a week where we get to discuss the current status of various tickets as well as our questions. The support that we get is very good.

We have Premier Support. We also have Premier Mission Critical Support on Azure AD, which is where we have someone who is dedicated to our setup and knows how our environment's setup. Therefore, if we do have a major issue, then they would be brought in to help resolve those issues.

Which solution did I use previously and why did I switch?

It was a given that we would use Microsoft. To use Microsoft 365, you need to use Azure AD, so that is what we did.

I have always used AD and Azure AD.

How was the initial setup?

In my previous role, the initial setup was quite simple. It was a simple case of install and follow some wizards, then you pretty much had it setup and synced to your Azure AD from the on-prem. Minimum effort was required.

The deployment was about three weeks, which was mainly the change process and getting it through our internal changes. It was quite quick. 

What about the implementation team?

We did it ourselves internally with some help from Microsoft. There were four people involved in the deployment: the service owner, a Microsoft product engineer, and two internal engineers.

We have the maintenance outsourced to a partner. However, we have had trouble with this partner because of their lack of delivery.

Ideally, I would like around five people to work with the partner and maintain the environment. At the moment, we have one person and are recruiting two others. For our scale, three to five people would be great as well as working with a partner to do the operations. That is the model that I am using.

What was our ROI?

It is one of those costs where you can't really quantify a return on investment. In the grand scheme of things, if we didn't have it, we would probably have a lot more breaches. It would be a lot harder to detect issues because we would have people using static usernames and passwords for various sites, making us open to a lot more attacks. The amount of security and benefit that we get out of it is not quantifiable but the return of investment from a qualitative point of view is much higher than not having it. 

It is the one platform that should be used for all authentication. Azure AD allows you to have one username and password to access all of your sites, which makes life a lot easier. Therefore, the return on investment is good because people have to use the one ID and password.

What's my experience with pricing, setup cost, and licensing?

Be sure:

  1. You know your userbase, e.g., how many users you have. 
  2. You choose the right license and model that suit your business requirements.

Which other solutions did I evaluate?

In the future, I would maybe like better integration with competitive products. Obviously, Microsoft would be selective on that anyway. For example, working alongside Okta as a competitor, their product seems to be a bit richer in its offerings. From what I have seen, Okta has a bit more of an edge, which is something that might benefit Azure AD.

What other advice do I have?

Be prepared to learn. It is a massive area. There are a lot of features offered by Azure AD. It works well within the Microsoft realm but also it can work very well with non-Microsoft realms, integrating with other parties. The fact it is Microsoft makes life so much easier, because everyone integrates with Microsoft. Just be prepared to absorb because it is a big beast. It is also a necessary evil that you need to have it. The advantages outweigh the disadvantages of having it.

The learning curve is both steep and wide. You can only focus on what you can focus on with the resources you have in your organization. It is such a big product and changing all the time. This means that you need dedicated people to be on it. There is a lot of keeping up with what Microsoft puts out there with Azure AD, which is great. This makes its feature-rich, but you need to be able to learn how it integrates into your business as well.

What Azure AD does for my current organization is sufficient, but we are probably not adopting most of what Azure AD has. We do not have it at a mature place at the moment, but we hope (over the next couple of years) to get it up to the latest and greatest.

It is an integral part of using Microsoft stuff, so we are not going to move away from it any time soon. If anything, we will ensure that everything is on Azure AD and authenticating users use Azure AD. That part will still take some time to do. Like most large organizations who have been around for a long time, we have legacy to deal with and some of that legacy does not support Azure AD. So, we are working towards that.

If you come from a company with legacy technology, then there will be a lot of business and technological changes for you to make.

The adoption of Azure AD B2C is progressing somewhat well. That is something that we just started in the last couple of months. We are having more of our products being onboarded into it. We will be moving other implementations of Azure AD into the one Azure AD implementation, and it has been great so far.

I would rate it as a nine out of 10. I would have given it a 10, but it is impossible for something to be perfect. The product does itself a disservice when there is an impact due to downtime, which we have had over the years. Because you rely on it so heavily, you can't afford for it to go down for a few minutes because then there will be user impact. 

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
Principal Service Engineer at a energy/utilities company with 10,001+ employees
Real User
Flexibility around accessing company systems from anywhere at any time has proven to be helpful
Pros and Cons
  • "Azure Active Directory provides us with identity-based authentication, which secures access at the user level and also integrates with conditional access policies and multi-factor authentication helping to increase the identity security for that person. So, the hacking and leaking of passwords is a secondary problem because you will not authenticate a person with one factor. There is a second factor of authentication available to increase the security premise for your company."
  • "There is a concept of cross-tenant trust relationships, which I believe Microsoft is actively pursuing. That is something which in the coming days and years to come by will be very key to the success of Azure Active Directory, because many organizations are going into mergers and acquisitions or spinning off new companies. They will still have to access the old tenant information because of multiple legal reasons, compliance reasons, and all those things. So, there should be some level of tenant-level trust functionality, where you can bring people from other tenants to access some part of your tenant application. So, that is an area which is growing. I believe Microsoft is actively pursuing this, and it will be an interesting piece."

What is our primary use case?

We are using Azure Active Directory (AD) for:

  • Application authentication, which is single sign-on. 
  • Multi-factor authentication (MFA). 
  • Conditional access for people coming in from non-trusted networks, which are interlinked. 
  • Azure AD B2B. 

These are the four big items that we are using.

How has it helped my organization?

The flexibility around accessing company systems from anywhere at any time has proven to be very helpful. Organizations decided during the COVID-19 pandemic, on a very short notice, to announce that everyone should be working from home. The good part was that our company was already working under Azure Active Directory, and most of our applications were under Azure at that time. For us, it was a very seamless transition. There were no major impacts on the migration nor did we have to do any special setups or need to configure networks. So, it was a very seamless experience for our users, who used to come into our office, to access systems. They started working from home and there was no difference for them. We did not have to do anything special to support that transition from working from the office to working from home. It was seamless. There was no impact to the end users.

Bringing our many hundreds of applications onto Azure Active Directory single sign-on authentication has had a big impact on users' productivity, usage, and adoption of enterprise applications because they don't need to log in. It is the same credentials and token being used for days and months when people use our systems with hundreds of applications being integrated. From a user perspective, it is quite a seamless experience. They don't need to remember their username, passwords, and other credential information because you are maintaining a single sign-on token. So, it is a big productivity enhancement. Before, we were not using a single sign-on for anything. Now, almost 90 to 95 percent of applications are on Azure Active Directory single sign-on.

What is most valuable?

The single sign-on is an amazing product. Its integration with the back-end, like MFA and conditional access, is very helpful for enterprise class companies because of changing dynamics as well as how companies and workers interact. Traditionally, companies used to have their own premises, networks, network-level VPN and proxy settings, and networks to access company systems. Now, anyone can work from anywhere within our company. We are a global company who works across more than 60 countries, so it is not always possible to have secure networks. So, we need to secure our applications and data without having a network parameter-level security. 

Azure Active Directory provides us with identity-based authentication, which secures access at the user level and also integrates with conditional access policies and multi-factor authentication helping to increase the identity security for that person. So, the hacking and leaking of passwords is a secondary problem because you will not authenticate a person with one factor. There is a second factor of authentication available to increase the security premise for your company.

The analytics are very helpful. They give you very fine grain data around patterns of usage, such as, who is using it, sign-in attempts, or any failed logins. It also provides detailed analytics, like the amount of users who are using which applications. The application security features let you drill-down reports and generate reports based on the analytics produced via your Active Directory, which is very helpful. This can feed into security operation centers and other things.

What needs improvement?

One of the areas where Microsoft is very actively working on enhancing is the capabilities around the B2B and B2C areas.

Microsoft is actively pursuing and building new capabilities around identity governance.

There is a concept of cross-tenant trust relationships, which I believe Microsoft is actively pursuing. That is something which in the coming days and years to come by will be very key to the success of Azure Active Directory, because many organizations are going into mergers and acquisitions or spinning off new companies. They will still have to access the old tenant information because of multiple legal reasons, compliance reasons, and all those things. So, there should be some level of tenant-level trust functionality, where you can bring people from other tenants to access some part of your tenant application. So, that is an area which is growing. I believe Microsoft is actively pursuing this, and it will be an interesting piece.

For how long have I used the solution?

I have been using it for three and a half years.

We have worked very closely with Microsoft over the past few years. We were one of the early adopters as an enterprise. We worked very closely with Microsoft to develop many products and features.

What do I think about the stability of the solution?

Looking at our journey over the last three and a half years, there were a few stability incidents, which is understandable from any technology platform provider perspective. However, it was overall a very good experience with a stable platform. There were two or three major incidents in the last three years.

There are about eight people who handle the day-to-day maintenance. These people focus on single sign-on, multi-factor authentication, and Azure B2B.

What do I think about the scalability of the solution?

The scalability is amazing. Microsoft gets billions of logins every day. They are scaling it every day. They announced an increase in the availability that the SLA guarantees from 99.9 to 99.99 percent from April of this year. Overall, it is very stable and scalable. These are things that we don't need to worry about.

It is fully rolled out to everyone in our organization.

How are customer service and technical support?

Overall, the technical support is very good. Overall, if you follow the customer support route and raise an incident ticket, then they are very prompt. They work very closely and collaboratively with us. We have a dedicated technical account manager (TAM). We have governance in place. We engage with them bi-weekly. So, we have a pretty good working structure with them.

Identity within Microsoft is a separate division, and we work very closely with them.

Which solution did I use previously and why did I switch?

We didn't use another solution before Azure AD.

How was the initial setup?

The initial setup was straightforward.

How you plan the tenant and set it up is quite key. There are major components that you need to be aware of: 

  • Are you planning to implement multi-factor authentication at the tenant level? 
  • What type of conditional access policies do you want to implement? 
  • What type of access governance do you want to put in? 
  • What type of role catalogue do you want to maintain? 
  • What type of structure of the AD organization you want to maintain? 
  • What type of device registrations do you want? 

There are some prerequisite checklists available from Microsoft. However, these are quite fundamental decisions. If you don't take the lead on them, these decisions will impact you, then you have to go back and fix them later on. So, plan ahead. 

Initial deployment took us a few months across our organization, but we decided to use most of the elements at a very early stage. So, our use case could be different than other companies. Some organizations that I know have chosen not to deploy multi-factor authentication nor do self-service password reset to deployment, then the user community is impacted with that. It can differ organization to organization based on the scale, number of users, locations, etc. So, there are many factors involved. 

We phased out our deployment over a couple of years, focusing on single sign-on and multi-factor authentication, then self-service password reset and other components. So, we did it as a phased deployment with a small team of four or five people.

What about the implementation team?

I strongly recommend the Microsoft GTP Teams, which are with their R&D division. They have a go into production, dedicated team who work with customers from an end-to-end lifecycle perspective. So, they will help you to build the tenant from scratch, following the right standards and guidelines. For us, it was straightforward, but we started this journey in 2017/2018. It is quite a mature product now.

We work with most managed service providers, like Infosys, TCS, Wipro, etc. We have had good experiences with them. Initially, we worked with Infosys.

What was our ROI?

We are closing all data centers. Therefore, to build or enhance any existing capability in applications, it could have been very a costly effort for us. Rather than building an authentication platform, we are using a standard-based approach where we just need to plug and play. Instead of going in and reinventing the wheel for every application, we are using a standard out-of-the-box service offering from Azure Active Directory, where we just consume that service, then users have a seamless experience.

Having a single supplier saves you loads of headaches from:

  • Multiple suppliers and multiple technologies
  • Integrating everything.
  • Doing upgrades.
  • Maintenance.
  • In-house deployment
  • Having multiple components of those solutions to work together.
  • Managing multiple vendors, supplier support teams, contracts, renewals, and licenses. 

If you are dealing with one supplier with an out-of-the-box solution, which provides you end-to-end capabilities, then it is naturally cheaper and less of a headache to manage and operate.

Which other solutions did I evaluate?

This solution was the natural choice. There is no vendor nor supplier providing this type of capability right now in the market, especially considering people in organizations are using Office 365. So, it is the natural choice to not to go with a third-party supplier, then try to integrate those third-party solutions and technologies into Microsoft. It is one box and the same Office 365 tenant in the same environment where you operate all your settings. Therefore, it is a very natural, out-of-the-box solution.

What other advice do I have?

Look at the market. However, look at it from an end-to-end perspective, especially focused on your applications and how a solution will integrate with your overall security landscape. This is key. Azure Active Directory provides this capability, integrating with your Office 365 tenant, data security elements, classifications, identity protection, device registrations, and Windows operating system. Everything comes end-to-end integrated. While there is no harm evaluating different tools, Azure AD is an out-of-the-box solution from Microsoft, which is very helpful.

Every day we are increasing the number of users and onboarding new applications. Also, we are growing the B2B feature. We try to use any new feature or enhancement coming in from Microsoft, working very closely with them. It is an ongoing journey.

Dealing with a single supplier is easier rather than dealing with five suppliers. Historically, if you have to do anything like that, then you will end up dealing with at least 10 different vendors and 10 different technologies. It is always interesting and challenging to manage different roadmaps, strategies, upgrade parts, licensing, and contracts. The biggest lesson learnt is wherever you can go with native-cloud tools and technologies, then go for it.

I would rate this solution as 10 out of 10.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
Buyer's Guide
Microsoft Entra ID
June 2025
Learn what your peers think about Microsoft Entra ID. Get advice and tips from experienced pros sharing their opinions. Updated: June 2025.
861,524 professionals have used our research since 2012.
reviewer2266695 - PeerSpot reviewer
Support desk representative at a consultancy with 11-50 employees
Real User
Good support, has a helpful dashboard, and a seamless user experience
Pros and Cons
  • "It's very good at not disrupting the user experience."
  • "Having more training would be quite helpful."

What is our primary use case?

The solution grants users access to various apps built on the portal. 

How has it helped my organization?

There was a lot of logic and a lot of improvement overall in terms of improvement. On the user access side, it improves the company a lot, specifically in regard to security. It really does help with access and protection.

What is most valuable?

My experience so far has been amazing. I'm in the intermediate phase of understanding it. Loading users and creating groups and so forth is very easy. We can also run multifactor authentication.

The dashboard is very good. It's outstanding.

It offers very good support.

The virtual machines you can run through it are great.

We are provided with a single pane of glass for managing user access. It helps provide more insights and creates consistency in the user experience. It works perfectly. Only admins can control access. That makes it safe. If a user requests something, only the admin would be able to assign the permissions.

My assessment of Active Directory's admin center managing all of your identities and access tasks is that it is very effective. 

I do use the verified ID at this time to onboard employees. Onboarding new users is very easy. It's very quick and doesn't affect the users. It's simply sped up the process. It also helps with privacy and control of identity data for remote employees. It's good to have and it assists with security. 

Permission management is quite good. The visibility and control in the clouds are good - at least over Microsoft. 

The product has helped save time for our IT administrators and HR department. It's helped a lot of time. It might save around 70% of our time from an IT admin support perspective.

It's very good at not disrupting the user experience. 

What needs improvement?

I'm still new to the solution. I need to look at the solution more before commenting on what to enhance. 

I do not need any extra features from my side. 

Having more training would be quite helpful. 

Having a faster interface could be helpful.

For how long have I used the solution?

I've used the solution for two years. 

What do I think about the stability of the solution?

The solution is stable. 

What do I think about the scalability of the solution?

We use the solution across multiple locations. We have multiple systems and apps that we built that run through Azure. We have about five people actively using the solution. We only have about seven people in our organization. 

The solution can scale well. I'd rate scalability nine out of ten. 

How are customer service and support?

I've never dealt with technical support. My colleagues have used it and I've heard from another user that the turnaround was almost immediate. My understanding is that it is quite good. 

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We did not previously use a different solution. 

How was the initial setup?

The initial setup was straightforward. It does not require any maintenance. 

What was our ROI?

I'm not sure if we've saved money specifically using the solution, yet, if that wasn't the case, I'm not sure why we would use it.

Which other solutions did I evaluate?

We have not evaluated other solutions. 

What other advice do I have?

I'm a customer and end-user.

I don't use the conditional access feature. 

I'd personally recommend the solution to anyone. I'd rate the solution ten out of ten. 

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Microsoft Azure
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
Marios Christodoulou - PeerSpot reviewer
DB and Systems Engineer at JCC Payment Systems Ltd
Real User
Top 20
A stable and scalable solution with good conditional access policies
Pros and Cons
  • "I like Azure AD's conditional access policies. Microsoft Entra provides a single pane of glass for managing user access, improving the overall user experience."
  • "The workflow management for registering new applications and users could be improved."

What is our primary use case?

Azure AD helps us manage application and hybrid identities.

What is most valuable?

I like Azure AD's conditional access policies. Microsoft Entra provides a single pane of glass for managing user access, improving the overall user experience. 

What needs improvement?

The workflow management for registering new applications and users could be improved.

For how long have I used the solution?

I have used Azure AD for about eight years.

What do I think about the stability of the solution?

Azure AD is stable.

What do I think about the scalability of the solution?

Azure AD is scalable. 

How are customer service and support?

Azure AD is so stable and easy to administer that we don't need to contact support. 

How was the initial setup?

Setting up Azure AD is straightforward. 

What other advice do I have?

I rate Azure Active Directory a nine out of ten. You should use premium licenses or Azure directly whenever possible to take advantage of the new security features since E3. 

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Microsoft Azure
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
Compliance Consultant at a aerospace/defense firm with 1-10 employees
Consultant
Stable and scalable solution with a well-documented site and good security features
Pros and Cons
  • "The security and compliance features are very helpful. The online information on the site is well documented."
  • "My problem with Azure AD is that it's designed for medium to large systems, and we're not that large."

What is our primary use case?

I am using Azure AD to assist a client with COCC level one and level two certifications. The primary use of the solution is its conditional access feature to enforce fine-tuned and adaptive access controls. The robustness of a zero-trust strategy to verify users has helped in implementing zero trust right now.

How has it helped my organization?

The client has to have a clone network storage and manage the services it provides to the handful of people he works for. The control and identify data do what it is supposed to do, as advertised, but the client is not utilizing those features.

What is most valuable?

The security and compliance features are very helpful. The online information on the site is well documented.

What needs improvement?

One thing I would like to see is when you're doing control measures if you could globally apply them instead of going through every user individually. I looked at this problem twenty years ago, and it has stayed the same. In twenty years, it's still the same one by one. The default is whether you get group permissions or role-based assignments, you still have to go in individually to everyone every time, which is cumbersome to me. My problem with Azure AD is that it's designed for medium to large systems, and we're not that large.

I rate it an eight out of ten.


For how long have I used the solution?

I have been using the solution for less than a year, and the client that I'm consulting with has been using it for about four and a half, five years.

What do I think about the stability of the solution?

It is a stable solution.

What do I think about the scalability of the solution?

Since we're starting with three people, it's probably not going to grow to more than ten people in the next five years. So the scalability is fine for my client's needs.


How are customer service and support?

We have not contacted Azure's technical support.


How was the initial setup?

The initial setup was straightforward. The client has got three people working for him.

What's my experience with pricing, setup cost, and licensing?

For a small business buying individual licenses, it is an affordable solution.

Which deployment model are you using for this solution?

Private Cloud
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
General Manager at Kaleyra
Real User
Top 20
Has good support, is easy to set up, and is stable
Pros and Cons
  • "Privilege identity management is the most valuable feature."
  • "The licensing and support are expensive and have room for improvement."

What is our primary use case?

We use the solution for single sign-on, provisioning, de-provisioning, conditional access, and identity governance.

How has it helped my organization?

The access governess feature improves our compliance.

What is most valuable?

Privilege Identity Management is the most valuable feature.

What needs improvement?

The licensing and support are expensive and have room for improvement.

For how long have I used the solution?

I have been using the solution for five years.

What do I think about the stability of the solution?

I give the stability a nine out of ten.

What do I think about the scalability of the solution?

I give the scalability a nine out of ten.

How are customer service and support?

The support is really good.

How would you rate customer service and support?

Positive

How was the initial setup?

The initial setup was straightforward. The time required for deployment will vary depending on the features that we plan to use. Typically, two to three weeks should be sufficient for deployment.

What about the implementation team?

The implementation was completed in-house.

What was our ROI?

We have seen a return on investment.

What's my experience with pricing, setup cost, and licensing?

I give the cost a three out of ten. The licensing is expensive.

Which other solutions did I evaluate?

We evaluated Google Cloud Identity.

What other advice do I have?

I give the solution a nine out of ten.

Two to three engineers are required for the Maintenance. The majority of the maintenance is completed by Microsoft.

I recommend the solution to others.

We deployed the solution across multiple geographical areas.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Microsoft Azure
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor. The reviewer's company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
Andri Ottosson - PeerSpot reviewer
Network specialist at a wellness & fitness company with 501-1,000 employees
Real User
Provides secure access to resources, and consolidates user accounts and authentication
Pros and Cons
  • "The security features, such as attack surface rules and conditional access rules, are the most valuable aspects of Azure AD."
  • "The only improvement would be for everything to be instant in terms of applying changes and propagating them to systems."

What is our primary use case?

Azure AD is primarily used as the backend for all Microsoft Office 365 user accounts and licensing, as well as for securing those accounts. Endpoint Manager is also utilized, which is part of domain control in the cloud, even though it is not Azure AD.

How has it helped my organization?

Azure AD has enabled the organization to set up single sign-on to all applications and has consolidated everything to a single cloud authentication for users. This saved a lot of time by not having to administer accounts in multiple systems, and it has also made it easy to control user identity for all cloud and internal applications. Security features such as attack surface rules and conditional access rules are also highly valuable and help the organization feel safe with all its user accounts. The Entra conditional access feature is used to enforce fine-tuned and adaptive access controls, and it is perfect for verifying users in line with the Zero Trust strategy. Overall, Azure AD enabled the organization to control one set of accounts and policies for everything, providing a huge benefit.

What is most valuable?

The security features, such as attack surface rules and conditional access rules, are the most valuable aspects of Azure AD.

What needs improvement?

The only improvement would be for everything to be instant in terms of applying changes and propagating them to systems.

For how long have I used the solution?

I've been using this solution since 2017.

What do I think about the stability of the solution?

The stability of Azure AD is perfect.

What do I think about the scalability of the solution?

Azure AD is highly scalable and enables the organization to control everything from one office.

How are customer service and support?

The support channel for Azure AD is probably pretty good, although there was a strange experience with technical support once. Overall, the customer service and support would be rated as positive, with an eight out of ten rating.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

I have never used any other products except Google Workspace, which is very intuitive but not comparable to an identity system.

How was the initial setup?

The initial setup of Azure AD was quick and took just a workday or two, although tweaking it took about a week. The implementation of Azure AD probably took about 48 hours. In terms of maintenance, Azure AD doesn't require any maintenance as it is a cloud service that is always up to date.

What about the implementation team?

At the time, we used contractors to set it up because it was new to us. If I was going to do it today, it wouldn't be that complex for me because I now know the ins and outs of it, but at that time, we contracted people to help us set it up so that we could do it with the best practice. We probably had just one contractor and then we just helped out.

What other advice do I have?

For those looking to implement Azure AD in their organization for the first time, it would be recommended to get rid of the legacy Active Directory right away and go straight to Azure AD instead of starting out hybrid and having to wind that down. If local Active Directory isn't needed, it's best to move all authentication over to the cloud and scrap the Active Directory domain controllers. The Entra portal is a huge benefit as it provides a consolidated view of everything and makes it easier to navigate security, users, conditional access, and identity protection.

Microsoft has been consolidating the view to provide a single pane of glass. It has been more and more down to that. They're now out with something called Entra. It's the Entra portal, and it has a very consolidated view of everything I need to do. Microsoft Entra is basically Endpoint Manager, Microsoft Defender, and Azure Active Directory pulled together for an easy view and ease of navigation. I've started to use Entra a little bit. It has only been out for a little while, but it was created to simplify finding everything. So, instead of navigating through the portal at Azure, I've started using Entra. I like it a lot. At first glance, it looks very intuitive, especially based on how I've been navigating until now. 

What Entra is doing is a huge benefit. If you're starting up today, it's much easier to get into security, users and conditional access, and identity protection. They've consolidated most of the important things there. You can navigate to everything from there, but they draw forth the most important ones in a more intuitive way. They've done that, and what they've done with Entra is what was missing.

Overall, I'd rate Azure Active Directory an eight out of ten. 

Which deployment model are you using for this solution?

Public Cloud
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
Akin Ayodele - PeerSpot reviewer
General Manager at a tech services company with 11-50 employees
Real User
MFA is key, keeping threat actors from being able to steal identities
Pros and Cons
  • "A couple of features are valuable, but the one that comes across the most to me is multi-factor authentication."
  • "When it comes to identity and access life cycle management for applications that are run on-premises, as well as access governance, if those kinds of capabilities could be built into Azure Active Directory, that would be good."

What is our primary use case?

We use it for identity and access management for cloud-based applications.

What is most valuable?

A couple of features are valuable, but the one that comes across the most to me is multi-factor authentication. That is huge because, with the promise of cloud—the ease and flexibility—comes a challenge of security. That means organizations are quite susceptible to cyber security threats and attacks. Nowadays, because assets have moved from the on-premises environment to the cloud, identity has become a new parameter. 

MFA is the most valuable feature because it only takes threat actors who keep guessing the password—even a password with a high degree of complexity, given all the tools available to crack them—to gain access. Then they are able to steal identity information and all the digital assets of an organization. 

We, ourselves, experienced a "near miss" but we were able to detect it at a very early stage and then immediately implement multi-factor authentication, which of course means that in addition to the regular user ID and password, there's another key requirement for validating and verifying the true identity. That's been very valuable to us and to our clients.

We also use Entra’s Conditional Access feature to enforce fine-tuned and adaptive access controls. It's all about taking a further step and layering additional controls to prevent unwanted access. It helps with Zero Trust, ensuring that we can protect assets. The entire paradigm is to make sure that you do not grant access to any potential user without verifying and properly validating who that entity is. That's most invaluable because you can identify a set of conditions that are unique to the organization. They can be related or linked to the profile of the organization and, based on that, you can grant access. Microsoft, from what we've seen, is at the forefront. They're actually spot-on with that.

What needs improvement?

Using wild imagination, I am thinking about to what extent AAD can integrate with products in a seamless way, such as applications that are running on-premises and making use of on-premises directory services. The most common, of course, is Azure Active Directory Domain Services. To what extent can it be used to replace the on-premises Active Directory Domain Services? Even though they are similar in concept, they are totally separate products. 

I would like to see applications that make use of on-premises Active Directory Domain Services have the ability to also seamlessly make use of Azure Active Directory.

And when it comes to identity and access life cycle management for applications that are run on-premises, as well as access governance, if those kinds of capabilities could be built into Azure Active Directory, that would be good.

For how long have I used the solution?

I have been using Azure Active Directory since 2015.

What do I think about the stability of the solution?

It's very stable. I don't think I can recall a major outage of Microsoft's products or services. 

There could be outages impacting other services, and over time, you do experience degradation. But what makes it work is that Microsoft has a lot of resilience built into its cloud architecture.

What do I think about the scalability of the solution?

It's highly scalable. I've worked on projects where we have to deploy Active Directory for in excess of 12,000 users.

More than 90 percent of the people in our organization are using Azure Active Directory.

How are customer service and support?

Overall, I'm satisfied. In some cases, there are incidents that take some time to resolve, but those are more exceptions than they are the rule. We seem to find such cases when we have situations with on-premises workloads, technologies that are not yet in the cloud.

But for the most part, in recent times, on average we tend to have quicker resolutions, relatively speaking, for issues that have to do with the cloud product. 

What I consider to be the aspect that makes the experience good for us is that we get support for all the products. We have access to Premier Support and that enhances the quality of our experience.

How would you rate customer service and support?

Neutral

How was the initial setup?

It's quite easy to set up.

The time needed to set up Azure Active Directory is a function of the environment. For simple deployments, it can be done within hours or within a day. But for complex environments, it might take anywhere from two weeks and up. You need to go through an environment assessment and make use of a project delivery framework.

For example, suppose a customer already has on-premises Active Directory services, and the requirement is to deploy or implement a hybrid identity architecture. That means there are workloads on-premises and in the cloud, and the customer wants to use the same identity scheme or single sign-on. Those are the type of requirements that determine how long it will take to get Azure Active Directory set up.

Deployment generally requires a project manager, an engagement manager, and an architect; a minimum of three people. And if there are other specific solution domains that require specialist skills, it could be four.

There is zero maintenance. The focus, in my own experience, is typically around security: how you're monitoring the environment to ensure that it's still secure. And when there are incidents, to what extent, and how quickly, you can triage and pinpoint and remediate to keep the infrastructure secure? But the actual is maintenance is zero.

What was our ROI?

It will save us money eventually, even though that's not the case now. For example, for HR, with onboarding and exits, we're beginning to see that this is an area where Entra can help us manage the life cycle of identities. The convenience that comes with that, and how that also helps ensure security and compliance, are areas that Entra can help us with.

What's my experience with pricing, setup cost, and licensing?

The pricing of Azure Active Directory is competitive. By default, the product exists in almost every Microsoft cloud product. But it then depends on the features that a customer really wants to make use of. The extent of the security requirements will inform what kind of plan will be suitable for the customer's situation.

Which other solutions did I evaluate?

As a business, we have always been cloud-native, so we've always been making use of Azure Active Directory. The very fact that that's what drives our productivity platform, both for ensuring that employees are well engaged and they can deliver on productivity, and meet customer requirements and demands, means we haven't looked at alternatives.

What other advice do I have?

Regarding Entra, the expectation is that when it is deployed, the employee experience should be better. We haven't started exploiting all the features of Entra. It makes use of the core Active Directory: identity and access management, conditional access, et cetera. But we're not making use of all its features at the moment. We hope to implement them in the near future.

Overall, I'm satisfied.

Disclosure: My company has a business relationship with this vendor other than being a customer. Partner
PeerSpot user
Buyer's Guide
Download our free Microsoft Entra ID Report and get advice and tips from experienced pros sharing their opinions.
Updated: June 2025
Buyer's Guide
Download our free Microsoft Entra ID Report and get advice and tips from experienced pros sharing their opinions.