Microsoft Entra ID Reviews

I have been working with a medication company and we are building an LMS system. We have an older version and we've decided to develop a new version of it. We are building the entire system on the cloud and using new technology.  We started the process on Azure cloud, but we have later plans to try AWS, but for now, we are using Azure Active Directory.

Having access to Azure Active Directory on the cloud gives us speed and use of the latest technology. The application services are very good, such as GitHub.

Azure Active Directory could be made easier to use. We have large amounts of data and storage. We are looking for video files and media content for applications, we will think about options, such as cloud storage or a CDN.

I have been using Azure Active Directory for approximately three years.

I have not found any problems with the stability of Azure Active Directory.

The support for Microsoft is good. We do have a developer support package with them. We create a ticket, they respond back, then there is some back and forth communication. They will have a call with you you and ask for a screenshot of the issue. If you have any issues, they help you. They will follow up with you, the service is not bad. There are times you have to keep following up with them but we were satisfied.

The process of implementing Azure Active Directory is not straightforward. We are currently still setting it up because we are adding more services, setting up the pipelines, and many other things behind the scenes. It's not as simple, it is tough to implement.

The price of Azure Active Directory and Amazon AWS, are almost the same, but most people prefer Amazon AWS because they find it's a little cheaper to some extent and an easier platform to use. 

The prices we pay for the solution can vary because we are adding more services a lot of the time, the price keeps going up and down. The price has been one thousand before but we are still adding more services. The price depends on what services you are using.

We are paying for support to use this solution which is an additional cost.

People have personal preferences in respect to choosing a cloud provider because there are many out there. In terms of support, you have to know exactly what you're looking for and get the pricing figured out. It is important to come up with a proper plan for the implementation.

I rate Azure Active Directory an eight out of ten.

The solution is our main authentication on our authorization platform to get access to our resources.

The solution is deployed on cloud with Microsoft Azure as the provider. We have around 100 people using this solution in my organization. 

We're using the whole suite: device management, user credentials, everything that's possible.

I would not recommend any changes or improvements right now, in terms of the organization. I think something that is key would be the group policies replication over the cloud, in order to prevent or to avoid relying on the on-premise Active Directory servers and to manage group policies.

I have been using this solution for a year.

The solution is stable.

It is scalable.

We have plans to increase usage. We have been increasing over the past year. I believe we started with about 30 people, and now we have almost 100.

We have only contacted technical support once or twice in the last year. They were very simple tasks.

Setup was very simple initially. Deployment took no more than six weeks, and we only needed two people.

We used a partner to help us and guide us on the deployment.

The licensing costs are yearly. There is a standard fee per user.

I would rate this solution 9 out of 10.

With a more complex environment, more complex tools are implemented. My thoughts are that they need to have a right and current inventory of applications that are compatible with single sign-on to properly implement that functionality, for example.

The solution is deployed on a public cloud. We are using Microsoft Azure.

There is on-premises AD and cloud AD. We are able to sync the solution and use the load technology and password management features.

The most valuable features in Active Directory are the password writeback product and the MDM technology.

The on-premises AD comes with a lot of options and group policies. With the group policies, we are using screen saver a lot, and it is messing up Azure AD and isn't working effectively. We are also using MDM technology through Azure. For Android the MDM technology is okay, but it doesn't work properly on iPhones.

When we do a screen share and screenshots, it doesn't work on the iPhone. For Android, it will only work for Outlook, which is provided in the company portal.

I would like to see the group policies on the same platform on cloud.

We have been using this solution for almost two years.

The solution is stable and everything is working. In terms of connecting the web application, there is technology for single sign-on. When we use it, the solution opens very slowly. It might be a bandwidth issue, and some content will not work on that portal.

The solution is scalable. We haven't had any issues.

We have 500 people using this solution in our company. We have increased usage, and we have plans to increase more. 

Technical support is very good. They work quickly to resolve any issues.

We are using an earlier non-premises AD, but we want to move to the cloud setup, which is easier for end users and everyone else due to the pandemic situation.

Setup was straightforward. Implementation took three months.

For the deployment process, we had a technical team of two people who did everything. They are engineers.

We used a consultant for deployment. I think we used a Microsoft partner.

It was a good experience and not very complicated. I think I realized that they are not seeing many implementations. There's a tool in Microsoft Azure called an endpoint security tool, and they don't know how to implement it.

We have a yearly license.

I would rate this solution 9 out of 10.

This product is very nice. It's a legacy application, so the people using it are very familiar with it.

We primarily use the product for the authentication for all of Office 365. It is also my single sign-on solution.

The solution is stable.

It's a very easy product to set up.

The product can scale well.

Technical support has been great.

It's an affordable solution.

The synchronization with my AD is not the best. The synchronization between my AD and Azure AD needs improvement. For example, for reports, et cetera, due to the fact that now I have two different ADs - one for local AD and another for Azure AD, the types of fields in the local AD do not sync with Azure AD. It's completely different.

I've been using the solution for four or five years at this point. 

The product is stable. There are no bugs or glitches. It doesn't crash or freeze. It's reliable. The performance is good. 

The scalability is great. You can expand it as needed. We have about 2,000 users on the product right now. 

We've used technical support in the past. They have always been excellent. We're quite happy with its capabilities. 

Previously, I used Okta. I switched to Azure AD due to the fact that it's part of Office 365. It does not have a cost. It's not exactly free; it's part of the Microsoft bundle.

We found the implementation process to be quite straightforward and simple. It's not overly complex or difficult. 

It's pretty inexpensive to use the product, as it comes with the general Mircosoft bundle. Its costs are baked into using Microsoft in general. It makes it pretty affordable. 

I'm an end-user of the product.

We're always on the latest version of the product. Being on the cloud ensures we are always up-to-date on versions. 

I'd rate the product at an eight out of ten.

We use Azure Active Directory to make the computers have policies that we inspect. This allows us to deploy software and block the CMD from the user. Additionally, we deploy the desktop systems with password policies.

Azure Active Directory has helped the organization maintain the user policies of their computer systems.

Azure Active Directory has useful policy assigning and management.

I had some issues with the Azure Active Directory on Windows XP. However, it worked well on Windows 7.

The password policy that we had in place caused some system lockups.

I have used Azure Active Directory within the last 12 months.

The solution is stable.

Azure Active Directory is easy to scale. You can add new employees, by adding their device to the domain assisting.

We have approximately 300 people using this solution in my organization.

My organization plans to continue to use Azure Active Directory.

The technical support has been helpful.

The installation was simple. I did the flash OS installation, created the role of the Active Directory, and deployed the GPO. The full process of implementation takes approximately one hour and setting the Active Directory domain takes approximately 30 minutes.

I did the implementation of Azure Active Directory.

The company I work for has more than 10 branches, we no longer have to go to the branch outside the city to have the application installed on the user's devices. When you have Active Directory, you only need to connect it to the device and then the information will automatically populate. The process was more automated.

The price of the solution's license is good.

I rate Azure Active Directory an eight of ten.

Active Directory is used for authentication and provisioning for users and devices and granting them access.

We're in a hybrid mode where we still have on-prem controllers as well.

The beauty is that it affords us more of an anytime, anywhere operation because we're not tied to an on-prem solution. From a customer experience standpoint, users don't really care about what goes on behind the scenes technically. They just want their lives to be easier. Now that they can access Office 365 globally, anywhere from any device, that's huge. That helps productivity and gives them the ability to get work done. And having to manage fewer passwords and user IDs is another true advantage.

The solution gives users seamless integration to all these products and streamlines the user experience. That's definitely been a pro.

In this completely upside-down world that we're in these days, with most people elsewhere and very few people in the office, it gives us tremendous flexibility for keeping people productive and providing them with access to the data and tools that they need to perform their jobs. It has given us the opportunity to move to this more mobile environment.

Also, the SSO aspect improves our security posture because people aren't writing down or creating a list of all their passwords. Now they only have to remember one. It has definitely made it easier for them to manage. In addition, we've introduced MFA so that whenever you sign in, you're also challenged for approval on your mobile device. That adds to the security.

The single sign-on across multiple platforms is really the true advantage here. That gives you one ID and password for access to all your systems. You don't need to manage a plethora of different user IDs and passwords to all the systems that you're going to access. 

The downside is that we now have all our eggs in one basket with Microsoft. We have this great authentication and single sign-on, but if Microsoft has an outage in North America or globally, on Outlook or Teams, we're dead in the water. There is no drop-back-and-punt. There is no "Plan B." The bottom line is that if their services go down, our productivity goes with it. Working with them when we have outages can be very frustrating. We get some type of hiccup once a quarter.

We get service notifications from them all the time that the services are under investigation or that there is some type of issue. More than the headache of not completely understanding the severity, we have to make sure that we communicate with our end-users. We get to the point where we're potentially "crying wolf." We're telling them there's a problem but some people don't have the problem. Then they get to the point where they just ignore our communication.

Outages can last hours, but never more than a day. They can be regional outages where one area is affected and other areas aren't. The advantage is that it could be evening or night in the area that is down, so it's less impactful.

I've been using Azure Active Directory at my current company for just about four years.

My impression of the stability is mixed. If it were really working correctly, it should be able to digest these outages by rerouting us to other areas. But that doesn't happen.

We have a global footprint, so it scales globally, no doubt.

Tech support from Microsoft has been cumbersome for Office 365. We don't really get the answers we want in a timely manner. There are times that we get the runaround, and that's the downside to being an early adopter and being on the leading edge. Sometimes we have to sometimes QA and work out issues with their products, which I'd rather not have to do.

A larger shop, like a Goldman Sachs or a JP Morgan, is not going to adopt this stuff until it's mature. And that means that smaller companies, like ours, have worked out the kinks.

Neutral

Before AAD we used the on-prem version with on-prem controllers. We went with AAD because there was no other option. We had their on-prem solution, and in the evolution directed by our CTO, everything is moving to the cloud. The next logical next step was to move to AAD.

I didn't set it up, the guys who work for me did it. I think it was fairly complex because we're about to go through an acquisition and we are going to merge them into our tenant. We have to outsource some of that work to a third party to assist us with that because we don't have the in-house skills.

Costs are constantly being managed. We don't really have a choice. It's the one shop in town. If you want this, you have to pay for it. We have an E5 license, which I believe is the most expensive license.

From an AAD standpoint, I don't think we've had any issues. The data replicates correctly and no one really has a problem with their credentials from AAD. It's meeting our expectations.

We use Active Directory to manage our main database and control students and staff access with rules and passwords. Usernames, emails, etc., are all integrated with Active Directory. Office 365 is also integrated with our Active Directory.

The best thing about Active Directory is its compatibility. It works with lots of third-party vendors. We're using multiple products, and they're all integrated with our Active Directory.

Active Directory could always be more secure. Right now, we've got two-factor authentications. All services based on Active Directory have a username and password. If somebody hacked our username, they could easily get all the data from our side. So I want two-factor authentication and a stronger password policy from Active Directory. The domain controllers should be more secure as well.

We've been using Microsoft Active Directory for more than 10 years. 

Active Directory is a stable, scalable product.

Microsoft technical support is very good. They call us back and resolve the problem.

The setup is effortless because we've been using this solution for a while. We are familiar with the setup now, so it's easier.

We get a discount because we're working in the education sector. 

I rate Active Directory eight out of 10. I think this is a good product. Most enterprises are using this. We don't currently have any plans to switch, but we're planning to migrate more into the cloud. However, cloud service is still costly, so we are working on the premiums. I would recommend Active Directory for any large-scale company, organization, or university. 

The solution allows us to assign and give the access and controls. It allows us to monitor privileges with the users so that we can then be in control of the access given to digital resources.

The best example of how it has helped our organization is when we migrated toward Azure. We were able to take all the users which were there on-prem and migrated them over. If those facilities were not there in Azure Active Directory, then we would likely have to create individual users and one by one give them specific access. We'd have to look at their needs and set authentication. It would be hard to control users that needed higher admin-level access. Without the Active Directory, we would not have the control we needed. 

Azure AD has features that have helped improve our security posture. That's one of the basic fundamentals of having an Active Directory. The whole concept of Azure Active Directory came from the Active Directory on-prem version. There’s this tunnel of authentication that it has.

When you migrate, you can migrate your Active Directory on-prem onto the Azure Active Directory which has tightly integrated features due to the fact that they both are from Microsoft. Based on that, you can give access based on what privileges are needed. Basically, if you're talking about security, everything is related to role-based access. The security aspect is linked to providing the proper access.

My understanding is, in the future, they will be able to bring everything into one single platform and they are not there yet. We are loving third-party authentication, however, those authentications will be further scrutinized by AD itself.

For example, if you want to book a flight, you go to any website to book. Booking the flight can be divided into two parts. One is creating a log-in with a particular website and then booking. However, if there are five to ten websites and you want to compare prices on all of them. You aren’t going to set up a log-in for each and every site. That's not feasible.

Instead, you can use your own login credentials, for example, from your Hotmail or Google account. Then, you have a token authenticated by Google, et cetera, which gives you the privilege to do the booking for a particular session. This is similar to what Azure AD should do in the future for authentication and allowing access.

I've been using the solution for at least four to five years. 

The stability is good. It's always there. If it is down then that's it. Anyone can log in. Anyone can do anything, whatever they want to do. That's why it's considered the backbone of the security pillar. There has never been any downtime, however.

Azure AD is scalable. You don't need to take care of it as it's a part of the service which is taken care of by Azure itself based on how our company grows. Basically, it's a hidden feature, and scaling it for the end-user is always happening. It's always scaling.

We have about 3,000 users on Azure AD currently.

I've been working as an architect and therefore have never directly dealt with technical support. 

I work on different platforms. For example, I work on AWS and GCP (Google Cloud Platform), et cetera. Azure AD is very good and very powerful and offers a basic foundation having the highest status or dominance in terms of providing access management. It's tightly getting integrated with the on-premise solutions. That’s true irrespective of what cloud you're using - whether GCP, AWS, Oracle, or IBM - whatever the cloud provider, you're using the services you will be using a laptop or dashboard.

We are now working remotely. However, having remote access doesn't mean that you are not entering the company premises virtually. Basically, everything is going through your company's network. You're just going through to a cloud. You can move across platforms to validate. You can still use the AWS site to authenticate and verify the users. No matter the cloud, you’re still using Azure AD to get access.

I wouldn't say the initial setup is complex. If you have a good understanding of the product, you can break down your tasks. Then, slowly, step by step you can complete all the tasks.

Our operations team did the migration from on-prem AD to Azure AD. Therefore, I cannot speak to the exact length of time it took. My work was to design the architect and provide them with the solution. 

I have clients who have seen an ROI.

I'm not a Microsoft partner. I work as a consultant.

I'm predominantly using the SaaS deployment version. 

My advice to potential users is on the security side. There was a famous article on Gartner which clearly stated that by the end of about 2023 or 2024 if someone tries to access your network or if anything becomes accessible or has been exposed, it is not the cloud provider that is the problem. It is due to a misconfiguration of the services.

It's not really with the user. It's really with how and what kind of access you provide to that user. For example, if I give someone an admin status, and they provide access to someone, they are providing not only basic access, they’re giving access privilege or admin rights. If they’re giving admin rights to the wrong person, even though they may have the best intentions, due to a lack of knowledge, that person may do something stupid and it may be a disaster to the company. That has nothing to do with the AD users themselves. You need to be aware of the security and the access that you're granting your users at all times.

I'd rate the solution at a nine out of ten.