Microsoft Entra ID Reviews

When a customer is trying to synchronize user information from their on-premises environment to the cloud, they might be encountering a series of errors or they may not be able to achieve what they are trying to achieve. They will raise a ticket so that somebody can help resolve the problem or clarify the situation and explain what the workflow should be like. That's where I often come in.

My support scope is focused on the synchronization aspect of Azure Active Directory. My specialty covers scenarios where customers have information in their on-premises environment and they want to synchronize their Active Directory information into the cloud with Azure Active Directory.

In addition to getting on calls and assisting customers to resolve issues, we also try to help educate customers on how to achieve the best results with Microsoft products.

In terms of the security posture of my customers, in the area of my specialization—the synchronization of information from on-premises to the cloud—there's an aspect we call TLS. There was a version of TLS that was not really secure, but Microsoft has now pushed and made sure that everything running in its platform uses a higher version, TLS 1.2. That means that when you are doing directory synchronization, your machine and your product need to be TLS 1.2 enabled. Microsoft is always working on enforcing the use of the most secure means to carry out whatever workloads customers are running. While my day-to-day job does not involve an emphasis on security, the areas that do involve security elements are emphasized to make things work effectively.

It also helps when you're troubleshooting. If you have an issue, it's easier for a user to look at it and say, "Okay, this is the problem," and to work on it.

An aspect of Azure's synchronization technology is called the provisioning service. It's the technology that takes user information from Azure AD into third-party applications. If a company has hundreds of users that already exist in the cloud, and it now wants to enable those same users to be present in third-party applications that their business uses, like Atlassian or GoToMeeting, the provisioning technology can assist in achieving that.

Over the years, the performance of this particular technology has greatly improved. I have seen its evolution and growth. Customers see much more robust performance from that technology and it gives them an easy way to set up their environments. The product has been designed quite well and customer feedback has also been taken into consideration. You can even see the progress of the process: how the user is being created and sent over to the third-party application.

Recently, Microsoft has developed lightweight synchronization software, the Cloud Provisioning Agent, to do the job of the preceding, heavier version called AD Connect. You can do a lot more with AD Connect, but it can take a lot of expertise to manage and maintain it. As a result, customers were raising a lot of tickets. So Microsoft developed the lightweight version. However, there are still a lot of features that the Cloud Provisioning Agent lacks. I would like to see it upgraded. 

The Cloud Provisioning Agent cannot provision a lot of the information that AD Connect does. For starters, the lightweight version cannot synchronize device information. If you have computers on-premises, the information about them will not be synchronized by the Cloud Provisioning Agent. In addition, if you have a user on the cloud and he changes his password, that information should be written back to the on-premises instance. But that workflow cannot be done with the lightweight agent. It can only be done with the more robust version.

I believe the Cloud Provisioning Agent will be upgraded eventually, it's just a matter of time.

I've been using the Azure Active Directory platform for a little over three years. I started supporting the product in October of 2018.

Our company is a Microsoft partner. When Microsoft customers raise tickets, most of these tickets get routed to partners like us. I follow up on and assist customers when they have issues that relate to my area of expertise.

Azure AD is solid because of the way the product is designed and because the people who support it are very good.

Microsoft is a very big organization. Whenever they put products on the market, they take things like scalability into consideration. They make sure the life cycle of the product matches the demands and the usage of customers. This product should have a long life in the market.

Microsoft technical support is great. Fantastic. Microsoft is looking to push the capabilities of its products, to enable customers to achieve more.

In general, there has been improvement in the way the technology can be used by end-users. Their feedback has been taken into consideration and that has helped a great deal.

Azure AD has features that have been developed purely for the security of users. It has things like Conditional Access policies and MFA. But the nature of the support that I provide in Azure AD doesn't focus on security. While Azure AD gives a company a holistic way to manage user profiles, I don't usually work on security aspects. But I do know that, to a large extent, the solution is built using the latest security.

The provisioning service I support has authentication methods. There has been a push by Microsoft to move customers away from certain authentication mechanisms that are not very strong in terms of security, and to make sure that secure standards are being enforced. I have looked at integrations set up by customers where they have only done the basic minimum in terms of security. Microsoft had to push those customers towards a much more secure setup. So customers are getting better security.

Overall, the effect of the product on my customers' experience has been good. I generally come into the picture when customers are having an issue. Most customers I've interacted with don't understand some information or why the product is designed the way it is. When I explain that it has to be this way so that they can do what they need to do, the customer feedback comes in at about an eight out of 10.

We are using it for central management, MDM, SSO, MFA, applying policies.

In terms of the features that I have found most valuable, it is cloud based so it is always updated, that part you don't have to take care of. It is public cloud. It is actually AD as a service, so it's a kind of an infrastructure. It is more infrastructure as a service.

We had some issues with the migration of users from the local user accounts to Azure AD. It was more like a local issue and had nothing to do with the Azure AD itself. It works fine for SSO, the Single Sign On. We were not able to do the integration very easily with ADP, so that was a challenge, but later on it was resolved. We had to do a lot of things to have that on the configuration. Some systems do not integrate very well with Azure AD. We thought of going for Okta, but later on we were able to achieve it, but not the way we wanted. It was not as easy as we thought it would be, the integration was not very seamless.

Additionally, it would be great if they added support for more applications in terms of integration for SSO. That's the only thing that I find missing for Azure AD.

We have been using Azure Active Directory for the last six months. We didn't do any migration from on-premise Active Directory to Azure AD on the cloud. What we did when we were setting up the computers was to join users to Azure AD and apply some conditional policies and everything works fine. We don't have any issues. The only thing we face are some problems with some computers because they were using it locally and we had a lot of data. So when we did the migration to Azure AD, we also had to move all the user settings data, the complete user profile, to the Azure AD account, as well. That was a challenge, but I was able to use ProfWiz to move data between user profile.

There are not any bugs or glitches that I can recall. So far everything is working well.

Scalability is one of the reasons we selected Azure Active Directory. It scales very well.

For now there are almost a hundred users using it, but we are adding more.

We contacted support only one time and it was not related to SSO. We had some questions about their subscription and it was good.

When I was working with another company, we were using on-premise Azure Active Directory. We didn't want to invest in the infrastructure to maintain it, to get the license, so it was not very cost effective for us. We had a meeting with the management and saw that Azure AD would be very cost effective, scalable, and more secure, especially in terms of SSO and MFA, which were some of our requirements. We didn't want Active Directory on premise. It was not easy to do the migration.

The initial setup is not very difficult, especially if you start using it straight away. But if you do the migration, I think that might be a challenge. Fortunately, we started directly from Azure AD, we didn't have to do any migration from Azure AD On-premise to the cloud. It was pretty straightforward and easy. We didn't face any difficulties.

It depends on their requirements and what they are trying to achieve. One shoe does not fit all feet, so that's why it might be different from company to company. For us, it met all our requirements. It was very scalable, which is huge, and just always available. You don't have to be very worried about maintaining your own hardware, your own infrastructure, updating the servers from time to time or caring about securing your on-premise infrastructure. Azure AD is a good solution. I am satisfied with it so far and everything works great.

On a scale of one to ten, I would give Azure Active Directory a nine.

We are a software development company and solution provider, and this is one of the products that we implement for our clients.

This is an easy way to give users access to applications. I can share access with other organizations outside of our network.

This solution is easy to manage.

The ability to grant access to other organizations is helpful.

It integrates well with a large number of applications.

Microsoft needs to add a single setup, so whenever resources join the company or are leaving the company, all of the changes can be made with a single click.

I would like to see a secure, on-premises gateway that offers connectivity between the physical servers and the cloud. The capability already exists, but it is not secure enough when the setting is marked private.

I have been using Microsoft Azure Active Directory Premium for about a year.

In the time that I have been using Microsoft Azure, I haven't had any problem with stability.

This is the right platform if you are looking for scalability. We have more than 100,000 users.

We have not needed to use technical support. 

We have a couple of contacts in the Microsoft team, so we will reach out to them in case we have any questions.

I have recently been working with Okta, and I find that most organizations are moving toward it. With this in mind, I think that Microsoft has to take care, and consider why so many people are switching. The most important reason is the single setup. Once they set up Okta, it's easy for the organization.

I have been working in Microsoft Azure for a long time and I find the initial setup to be easy.

For maintenance, we have a team of 20 administrators and developers.

Licensing fees are paid on a monthly basis and the cost depends on the number of users. There are no charges in addition to this.

The suitability of this solution depends on the technology and the environment at the organization. Many companies are still transitioning to the cloud, leaving part or all of their data on-premises. Ultimately, it depends on the data that they have and their preference or requirements for keeping it on-premises. In some cases, people want to move only non-private data to the cloud. All of these things have to be considered before implementing Azure Active Directory.

I would rate this solution an eight out of ten.

Our primary use case is to simplify directory deployment and centralize source of management. Within our own consulting business, we choose to use Azure AD.

The centralized management feature is very valuable. Being able to delete stuff in one place, from any location is really great for us. In addition, we do not have to deploy lots of machines all over the place to run things as a service, which is how we like to deploy things, just as a service. So, this makes it easier to deploy, easy to set up, and work with. It is easy to use, and makes quality of life issues a reality for us.

It would be nice if it had some visualization tools. A bit of visualization would be really nice to show your Azure directory structure. It would be very good because you might have sub-domains and odds-and-ends going on. So, a bit of visualization would be really good. Being able to plug it directly into the video to produce models would be a really nice feature.

Less than one year.

The stability is really good. We have not had an issue with it at all. It is always there for us.  As a part of what Microsoft seems to be doing, it is taking away from what dedicated machines that you have to fiddle and tinker with to run services on, and turning them into services you can just access.

My experience with tech support has been really good. I have had a couple of issues where I have logged the ticket with Microsoft, and I had someone on the phone with me regarding the ticket within a half an hour. It was a real technician who really knew what he was talking about. I was very impressed.

We had a problem related to Office 365 and Skype, and not being able to generate a Skype session when everything else seemed to be working. The tech support helped us fix the situation. They have a good depth of knowledge  and it is not just people reading off a script. They are real users, with real experience.

The initial deployment and setup was pretty straightforward. It is pretty easy. It is not that hard to get going, and the thing is that it is quick to integrate well with your Windows.

If you have an existing environment that consists of on-prem AD based environment, then you will want to go with Azure AD. You need to talk to your service provider, or your in-house IT team. Get them involved to help. We did so, and then we just set up a whole new domain and got rid of the old one, and set up the new one on Azure AD. Microsoft will help walk you through the process.

It looks like they're just making everything as a service and it is pay per user, and that just works for me. It's really good. Gets the cost down and lets you scale if you need it.

It is easy to use, straightforward, and in my language. It does exactly what is says, and does not pretend to be anything else.

I use Microsoft Entra ID daily as an end customer in an enterprise environment. We are using it for very simple use cases such as authenticating with SSO to third-party solutions.

In a lot of situations, it is easy and free or almost free to use Microsoft Entra MFA.

It could be better if a simple member could understand more easily the prices of the products and packages offered by Microsoft. Additionally, after the first three years of a bigger package, renewal prices could be more transparent as they tend to increase significantly.

I have been working with Microsoft Entra ID for approximately five years.

I haven't had any bad experiences with its stability in the last five years. It works consistently, and any downtime can be monitored through Microsoft State Data Monitor.

Our customers are small businesses, so scalability is not a significant concern for us.

I have a direct contact with the Microsoft Hungarian team. They manage our problems, especially on the enterprise side, and I have heard no negative feedback regarding their response times or SLAs.

Positive

The setup experience was not difficult and I would rate it as eight out of ten. It just required some time to set everything up correctly.

We consulted with the Microsoft Hungarian team for any enterprise-level issues.

Initially, customers can get good prices for a three-year package, but renewal prices tend to increase significantly. If a customer looks for an alternative solution after three years, we often find it cheaper or the same as continuing with Microsoft.

I've worked with the Microsoft Tensor Solution and CI Mentech. We also considered other authentication systems like Ping, Kaseya, and Symantec VIP. In terms of SASE, I've had experience with Netskope, Cloudflare, and Palo Alto.

If you consider SASE aspects, Microsoft Entra is not a leader solution. There are stronger competitors in SASE, like Netskope and Palo Alto, and it may not be the best idea to rely solely on Microsoft solutions if your operation runs on Microsoft.

I'd rate the solution five out of ten.

We primarily use the solution with our customers that use it.

We're using the solution for a lot of all different things. We have used it to support. We have something called BankID here in Sweden, where you identify yourself to your internet bank and lots of other areas and we have based our connection to BankID using Active Directory. 

It's user-friendly and easy to understand. It's doing work great so far.

We're mainly using templates and using the APIs rather than using the GUI. That's the easiest way to do things.

The initial setup is pretty easy.

The solution scales well.

It's a stable product for the most part.

Something that can be improved is their user interface. It needs to be better.

It's always a good idea to have some kind of expert GUI that you can turn on/off. There are a lot of settings to work through. If you are not that experienced, then maybe you might not want to use them. 

There should be an easier way to set up the regular things and then switch to a more expert kind of wizard to set things up.

We've used the product for many, many years at this point. 

The solution is stable. There aren't issues with bugs or glitches. it doesn't crash or freeze. Its performance is good.

We can scale the solution if we need to.

It is my understanding that support is not as good as Cloudflare, however, I haven't been using the support that much for Azure. There is lots of information out there on the internet. If you search, you don't need to contact support often.

The solution has been straightforward to set up. It's simple. It's not overly complex. 

We have a handful of people involved in the initial setup. You don't need very many. They are mostly specialists and technicians. 

While I don't directly deal with tracking ROI, our customers are satisfied with the way we are billing them when we're setting things up. 

The pricing seems to be fine for our clients.

We are an integrator. We are using the latest versions of the product.

New users should know that it's quite easy to set up a sandbox environment and a free account in order to play with it. It's fairly easy to kind of set up the proof of concept.

I would rate the solution an eight out of ten.

I use Azure Active Directory for user credential login, control my users with end-user policies, and apply my conditions.

Active Directory helps me all the time. When users want to log in, it shows me this information with a time and date. It also shows me which computer they are going to use. I can track my users at any time.

I like that you can run it on-premises. I also like that I can use Azure at any time as the main one.

ESAE management, especially the admin tools, could be improved. It should be built in by the vendor, and I shouldn't have to add patches or updates to connect to my domain directly. It should be added by default. The price could be better.

I have been dealing with this product for almost 20 years.

Azure Active Directory is a stable product. 

Azure Active Directory is a scalable product.

Customer service and support are perfect, especially when I'm dealing with my local third-party Microsoft vendor, who always supports me at any time.

Azure Active Directory is expensive.

I would recommend this solution to potential users.

On a scale from one to ten, I would give Azure Active Directory a ten.

The active directory on Microsoft Azure is similar to the corresponding system for an on-premise active directory.

I have no issues with Azure Active Directory.

Our users and clients are migrating from on-premises solutions to cloud-based solutions. As a result, they do not require on-premise service. 

What I like is that I can go anywhere, at any time, and to any client premise, and I can simply log in to the admin panel and can serve any of my clients.

Instead of using Team Viewer, you connect to their local service, which is centralized. I have got the Microsoft exchange, and have access to Microsoft Azure. I can check the workstations, and perhaps soon I will be using Microsoft Intune and the Microsoft Defender enterprise. Even if I am not on the premises, I will be able to check and secure my workstations.

I don't have any major problems. I don't use it in a way that requires a lot of resources.

The main issue is that because Active Directory is in the cloud, it will inevitably be dependent on internet connectivity.

It would be beneficial if Microsoft could make it lighter so that it requires fewer resources.

Better pricing will help us market it more than having it on-premises.

Azure Active Directory was implemented one year ago.

For the time being it has been stable. I have a small number of clients, and no hybrid system. We chose those clients with a maximum of twenty users. We don't want large clients so that we can implement one system in one location, and roll it out the same way to all of the clients.

In total, I have 10 clients, five of those are now users of Azure Active Directory.

By the end of the year, we hope to have all of our clients using Microsoft Azure.

New clients are immediately placed on Microsoft Azure.

The Microsoft team in Mauritius has been extremely helpful in implementing systems and resolving issues. We have small clients who have not been faced with many issues.

We deploy the M365 business premium services and a couple of months ago we started to implement 365 Defender. It is a cloud-based solution.

We're new to it. For the time being, we are only using the antivirus component. We haven't used Intune yet. We are not using the entire package. We are only now going to put such solutions into action.

Microsoft Azure was implemented a year ago, and is only used for the creation of users and emails, group emails, and shared boxes, but my clients are mostly lawyers. So, the primary uses are online email exchange and word processing.

We are trying to implement Microsoft Azure more and more.

Azure is the central point. Microsoft Azure is replacing my on-premises service.

The installation is rather straightforward.

We had some assistance from the local Microsoft team.

Licensing fees are paid on a monthly basis.

When I calculated the price, it appeared to be nearly the same as the on-premise server. 

Better pricing would attract customers to use the cloud.

We haven't had to deal with any major recovery issues.

We have had Excel and Word files that were simply recoverable. We backup the server, but nothing more serious than that.

We are Microsoft centric solution providers.

We have very small clients, companies with 20 to 30 users of Excel, Word, and the internet. We deploy Microsoft 365 platforms, not much in the way of large software applications.

I would recommend this solution to others, and I am already promoting it. 

I am suggesting that all of my clients migrate from on-premise active directory to a Microsoft view because, with the current COVID, many of our users work from home. I just wanted to point out that almost all of our users work from home. They are currently working on the roaster. Half of the company works from home, while the other half works on-site. Having active and SharePoint, is really assisting them in working from home.

I would rate Azure Active Directory a nine out of ten.