Microsoft Entra ID Reviews

Active Directory is used for authentication and provisioning for users and devices and granting them access.

We're in a hybrid mode where we still have on-prem controllers as well.

The beauty is that it affords us more of an anytime, anywhere operation because we're not tied to an on-prem solution. From a customer experience standpoint, users don't really care about what goes on behind the scenes technically. They just want their lives to be easier. Now that they can access Office 365 globally, anywhere from any device, that's huge. That helps productivity and gives them the ability to get work done. And having to manage fewer passwords and user IDs is another true advantage.

The solution gives users seamless integration to all these products and streamlines the user experience. That's definitely been a pro.

In this completely upside-down world that we're in these days, with most people elsewhere and very few people in the office, it gives us tremendous flexibility for keeping people productive and providing them with access to the data and tools that they need to perform their jobs. It has given us the opportunity to move to this more mobile environment.

Also, the SSO aspect improves our security posture because people aren't writing down or creating a list of all their passwords. Now they only have to remember one. It has definitely made it easier for them to manage. In addition, we've introduced MFA so that whenever you sign in, you're also challenged for approval on your mobile device. That adds to the security.

The single sign-on across multiple platforms is really the true advantage here. That gives you one ID and password for access to all your systems. You don't need to manage a plethora of different user IDs and passwords to all the systems that you're going to access. 

The downside is that we now have all our eggs in one basket with Microsoft. We have this great authentication and single sign-on, but if Microsoft has an outage in North America or globally, on Outlook or Teams, we're dead in the water. There is no drop-back-and-punt. There is no "Plan B." The bottom line is that if their services go down, our productivity goes with it. Working with them when we have outages can be very frustrating. We get some type of hiccup once a quarter.

We get service notifications from them all the time that the services are under investigation or that there is some type of issue. More than the headache of not completely understanding the severity, we have to make sure that we communicate with our end-users. We get to the point where we're potentially "crying wolf." We're telling them there's a problem but some people don't have the problem. Then they get to the point where they just ignore our communication.

Outages can last hours, but never more than a day. They can be regional outages where one area is affected and other areas aren't. The advantage is that it could be evening or night in the area that is down, so it's less impactful.

I've been using Azure Active Directory at my current company for just about four years.

My impression of the stability is mixed. If it were really working correctly, it should be able to digest these outages by rerouting us to other areas. But that doesn't happen.

We have a global footprint, so it scales globally, no doubt.

Tech support from Microsoft has been cumbersome for Office 365. We don't really get the answers we want in a timely manner. There are times that we get the runaround, and that's the downside to being an early adopter and being on the leading edge. Sometimes we have to sometimes QA and work out issues with their products, which I'd rather not have to do.

A larger shop, like a Goldman Sachs or a JP Morgan, is not going to adopt this stuff until it's mature. And that means that smaller companies, like ours, have worked out the kinks.

Neutral

Before AAD we used the on-prem version with on-prem controllers. We went with AAD because there was no other option. We had their on-prem solution, and in the evolution directed by our CTO, everything is moving to the cloud. The next logical next step was to move to AAD.

I didn't set it up, the guys who work for me did it. I think it was fairly complex because we're about to go through an acquisition and we are going to merge them into our tenant. We have to outsource some of that work to a third party to assist us with that because we don't have the in-house skills.

Costs are constantly being managed. We don't really have a choice. It's the one shop in town. If you want this, you have to pay for it. We have an E5 license, which I believe is the most expensive license.

From an AAD standpoint, I don't think we've had any issues. The data replicates correctly and no one really has a problem with their credentials from AAD. It's meeting our expectations.

I set up Azure Active Directory for many customers of the company I work for. I'm an implementer. It is the basis of identity and access for all the tenants we are using for our customers.

Microsoft Entra helps our clients save a lot of time, especially with the many automation processes that we can leverage to facilitate our work. The amount of time saved depends on the customer's needs. In general, on average I would estimate it saves them 40 percent in terms of time. But in some cases, it could be up to 70 percent.

It also helps them save money because they can work with fewer employees, or they don't have to hire more employees to do tasks that can be automated.

Another benefit is that it provides satisfaction at the administration level. On the user level, the ease of use makes it easy to understand without any limitations.

And it provides quite a good level of security for all users.

All the features of the solution are helpful. Among them, one of the most important is the Conditional Access. It helps affect a Zero Trust strategy positively.

Also, I use Entra Permission Management to distribute the roles among all users according to management requests. Microsoft provides reports for visibility and all kinds of controls where you can see the users and their access. Permission Management helps reduce the risk surface when it comes to identity permissions. It supports adaptive controls and that helps me in defining the right controls for users.

I would like them to improve the dashboard by presenting the raw data in a more visual way for the logs and events. That would help us understand the reports better.

I have been using Azure Active Directory for about three years.

It's stable. I haven't experienced any downtime or breakdowns with the product.

It's scalable.

I'm satisfied with their support. 

Neutral

It's easy to set up. 

The amount of time needed to set up Azure Active Directory depends on each customer's use case. It will take at least three to four hours for a small organization, and in that scenario you wouldn't need more than one person to set it up. For larger organizations, it may take a week and we would need two to three persons.

Our customers are looking for advanced features and processes for it to be cost-effective for their organizations. They see it as an overpriced product. They are enjoying using Azure Active Directory, but they are looking for better prices.

Just follow the book.

The most valuable features are

• authentication
• authorization
• two-factor authentication
• I have never had a failure.

It's multi-tenant, residing in multiple locations. Authentication happens quickly. Irrespective of whether I'm in Australia, the US, India, or Africa, I don't see any latency. Those are the good features that I rely on.

It also has a variable extension, which is an added value because in Active Directory, if you have to do a schema, you have to make changes on multiple Active Directory instances. But here, as the extension attribute can be done from the application level, it helps you provide the provisioning. 

Another good reason for using Azure AD is that it can connect with other SaaS services. It also has SSOs, which, along with the MFA, makes authentication much easier.

One area where it can improve is connectivity with other systems. Not all systems are connected and you have to do coding to establish a point of connectivity. It supports certain vendors and it supports certain protocols. It is limited in many other aspects at the attribute level.

Also, some of the provisioning filters are not capable enough. You cannot do a date filter on the provisioning.

Perhaps they could also have easy protocols to create the accounts. Instead of just a file upload, they should have an easy connector to do the provisioning part.

I work in a service-based company and I've been using Azure Active Directory for my customers for around 10 years now.

From 2020 to 2022, there have not been more than two or three outages, and none was more than three to four hours long. And those outages may not have occurred the whole time in the entire environment, they may only have been in certain places.

When there is an outage, the end-user experience is affected, but that happens in AWS and in Azure. It happens with any SaaS product. Overall, it has not affected the end-user experience, but when there is an outage in Azure, it will have an impact on our environment.

It's scalable, but if you need more than one region, you have to pay for it. You have to think about how you want the service to be available.

The technical support is good.

Positive

The initial setup is easy and straightforward. Setting up Azure AD doesn't require you to do anything. You buy the product from Microsoft and Microsoft sets it up for you. You just establish the connectivity to it. It does not take more than a week or two to complete the setup.

The number of employees you require for deployment and maintenance of the solution depends on how you have set up your provisioning platform. If it is automated, you can have one resource. If you're still in manual, then it depends on the volume of the workload.

Licenses are based on the usage. There is no cap. It's based on the number of users we provision.

A SaaS solution is the best product. You get it at a better price and you have many Windows-based services that are included for free.

I would definitely recommend using Azure AD. Many companies are moving from other vendors to Azure because every company uses Office 365 anyway for Word, Excel, and PowerPoint. As soon as you use that, by default, you get an Azure AD account. If you have an Azure AD account, you definitely have features to use. Why would you want to go for another product?

Overall, I haven't seen any major issues with the product.

This solution is useful for user management because it is integrated with DNS.

The solution is deployed on cloud and on-premises. We're using the latest version.

We have about 200-250 users. All of our users have local and Active Directory. We don't have plans to increase usage.

It's user friendly.

The solution could be cheaper.

We have been using this solution for about five years.

It's stable.

The solution is scalable.

Technical support is good.

Installation is straightforward. It only took a couple of hours to set everything up.

We pay a yearly license. Licenses are very expensive.

We use Office 365. We have different licenses because our users are using mail, mail strategies, Microsoft Teams, and the Office package. We use a lot of different services. We use Microsoft Intune, which is connected to Azure and other services like Conditional Access, which we also use. Microsoft Defender is another one, which is also connected to Azure.

The solution is deployed fully in the cloud through Microsoft Azure. We are using the latest version. The solution is on cloud, so we cannot control the version we're using. That is controlled by Microsoft.

We are satisfied with this solution because we use all of its features.

Reading documentation could be simplified. Technical support could also be faster.

We have used Azure Active Directory for several years.

We haven't had any problems with stability. Everything works fine.

We haven't had any issues with scalability.

We have approximately 500 users in our organization. We have plans to increase the number of people in our company and products because we're fully integrated with Microsoft and we will continue to use this solution and new ones.

We are an IT company, so the people who are using this solution are software developers.

I'm not satisfied with technical support. On a scale of 1 to 5, I would give it a 2.

Sometimes it is the first-line support, and it takes a lot of time to explain the problem. One problem can be discussed in one month. I even have some examples in the past where I created a request, my problem wasn't resolved, I found solution on the internet. It was faster than receiving a reply from Microsoft.

Previously, we used Active Directory on-premise. We also used different products from different vendors.

We switched to Microsoft because it is in the cloud and because of business continuity. For our company, it is better to use everything on the cloud than to keep it on-premise.

It's also better to go to the cloud because of security reasons.

On a scale of 1 to 5, I would rate the difficulty of setup as a 3. It's of medium difficulty.

With setup, sometimes there are difficulties with reading documentation because if you want to implement something, you have to go to Microsoft's instructions, and you will be redirected from one page to another. After reading about just one topic, you have to open 20 new tabs. Every time, you have to jump between instructions, from one instruction to another. I don't like this approach, personally. It should be done in one document, and the instructions could be a little bit simpler for the user.

We implemented Microsoft step-by-step, because first we only used the Office package. Then we started using the Intune solution. Later, we implemented Microsoft Defender, and continued working with Conditional Access. It is not like one setup, so it's a continuous process. It depends on organization scale and the needs from organization.

We deployed the solution ourselves.

The price is fine. It's a good value for the money compared with other solutions.

I cannot provide the exact numbers because we use a different type of licensing. For Azure, we have an Office 365 license. We also have a Microsoft Gold partnership and some products are included in one license.

I would rate this solution 8 out of 10.

The product is really good, but it's up to each company to decide.

Typically, we have applications deployed within the office network that we need to make accessible to our staff outside of the bank. Some of them are also our clients, but mainly, this is for people working in the region.

So without having to put them behind firewalls, what we opted to do is publish them to the proxy. This means that they can then come in via a secure port and begin to access the resources as if they were internally and securely within the network.

The most valuable feature is the ability to set up conditional access, where you can enforce users to connect using multifactor authentication. This is one of the things that we are using it for. It means that users who are accessing the applications remotely are authentic.

Technical support could be faster.

I have been using this product for three years.

This solution is stable and we plan to increase our usage.

It is a scalable product. It can be deployed in a highly available manner, where you have to have two or three connectors. We have approximately 7,000 users.

We are satisfied with the technical support from Microsoft, although it could be faster.

This product is part of our enterprise license and we did not previously use a different one.

This is a cloud service, so the initial setup is straightforward. It is not complex.

For each request, it does not take very long.

We deployed this product ourselves.

No staff is required for maintenance.

This product is sold as part of the enterprise package and our licensing fees are paid on a yearly basis. You can get it as an add-on and it's not expensive.

I have not evaluated other solutions, which makes it difficult to tell what additional features I would like to see in the future. It is sufficient and adequate for our current use case.

In our current use case, there is nothing that is lacking. This is definitely a product that I can recommend for other users.

I would rate this solution an eight out of ten.

We use the solution for single sign-on. 

The product is easy to use. 

Microsoft Entra ID should improve workload identities. It should set conditional access. 

I have been using the product for six years. 

My company has 5000 end users. I rate the product's scalability a nine out of ten. 

The tool's support is not good. However, the documentation is good. 

Negative

The tool's deployment is easy. 

We relied on two resources for deployment. 

I have seen ROI with the tool's use. 

The solution was fairly priced the last time I checked the costs. 

Microsoft Entra ID has helped us save money. It also helped us save 70 percent of the time. I rate it a nine out of ten. 

We migrated about 3,000 computers from on-prem Active Directory to Azure Active Directory or Azure AD. 

These are still early days, but we are certain that it will improve our organization as we move away from on-prem Active Directory.

It provides a single pane of glass for managing user access, but we have to get more into it to be able to say that for sure. We have got so many different tools. It would be nice to have less tools. We are starting to take a look at how to consolidate tools.

It will definitely help to save time for our IT administrators.

It has not yet helped to save our organization money. It is too early for that.

The way the laptops are joined is valuable. We can take advantage of that in terms of being able to log in and do things. It is easier to change passwords or set things up.

I would like to dive into some of the things that we saw today around the workflows at this Microsoft event. I cannot say that they need to make it better because I do not have much experience with it, but something that is always applicable to Microsoft is that they need to be able to integrate with their competitors. If you look at IDP, they do not integrate with Okta.

I have been using this solution for about six months. It was not called Entra ID then. It was called Azure AD.

Our dealings have been fine. We do not deal with them so much. When we have to open something, our account managers help us out.

We were on on-prem AD. We moved to Azure AD because of a merger. We were purchased by a larger company, so we are moving on to their domain.

It was in the middle of the road. It was not the easiest thing, and it was also not the hardest thing.

We took the help of a company. They did a good job. They helped us to move a huge amount of data.

It is in line. Because we are so early, we have not had to come back on a cycle where we are having to negotiate again.

I would rate Microsoft Entra ID a nine out of ten. It is very good.