Microsoft Entra ID Reviews

Active Directory is used for authentication and provisioning for users and devices and granting them access.

We're in a hybrid mode where we still have on-prem controllers as well.

The beauty is that it affords us more of an anytime, anywhere operation because we're not tied to an on-prem solution. From a customer experience standpoint, users don't really care about what goes on behind the scenes technically. They just want their lives to be easier. Now that they can access Office 365 globally, anywhere from any device, that's huge. That helps productivity and gives them the ability to get work done. And having to manage fewer passwords and user IDs is another true advantage.

The solution gives users seamless integration to all these products and streamlines the user experience. That's definitely been a pro.

In this completely upside-down world that we're in these days, with most people elsewhere and very few people in the office, it gives us tremendous flexibility for keeping people productive and providing them with access to the data and tools that they need to perform their jobs. It has given us the opportunity to move to this more mobile environment.

Also, the SSO aspect improves our security posture because people aren't writing down or creating a list of all their passwords. Now they only have to remember one. It has definitely made it easier for them to manage. In addition, we've introduced MFA so that whenever you sign in, you're also challenged for approval on your mobile device. That adds to the security.

The single sign-on across multiple platforms is really the true advantage here. That gives you one ID and password for access to all your systems. You don't need to manage a plethora of different user IDs and passwords to all the systems that you're going to access. 

The downside is that we now have all our eggs in one basket with Microsoft. We have this great authentication and single sign-on, but if Microsoft has an outage in North America or globally, on Outlook or Teams, we're dead in the water. There is no drop-back-and-punt. There is no "Plan B." The bottom line is that if their services go down, our productivity goes with it. Working with them when we have outages can be very frustrating. We get some type of hiccup once a quarter.

We get service notifications from them all the time that the services are under investigation or that there is some type of issue. More than the headache of not completely understanding the severity, we have to make sure that we communicate with our end-users. We get to the point where we're potentially "crying wolf." We're telling them there's a problem but some people don't have the problem. Then they get to the point where they just ignore our communication.

Outages can last hours, but never more than a day. They can be regional outages where one area is affected and other areas aren't. The advantage is that it could be evening or night in the area that is down, so it's less impactful.

I've been using Azure Active Directory at my current company for just about four years.

My impression of the stability is mixed. If it were really working correctly, it should be able to digest these outages by rerouting us to other areas. But that doesn't happen.

We have a global footprint, so it scales globally, no doubt.

Tech support from Microsoft has been cumbersome for Office 365. We don't really get the answers we want in a timely manner. There are times that we get the runaround, and that's the downside to being an early adopter and being on the leading edge. Sometimes we have to sometimes QA and work out issues with their products, which I'd rather not have to do.

A larger shop, like a Goldman Sachs or a JP Morgan, is not going to adopt this stuff until it's mature. And that means that smaller companies, like ours, have worked out the kinks.

Neutral

Before AAD we used the on-prem version with on-prem controllers. We went with AAD because there was no other option. We had their on-prem solution, and in the evolution directed by our CTO, everything is moving to the cloud. The next logical next step was to move to AAD.

I didn't set it up, the guys who work for me did it. I think it was fairly complex because we're about to go through an acquisition and we are going to merge them into our tenant. We have to outsource some of that work to a third party to assist us with that because we don't have the in-house skills.

Costs are constantly being managed. We don't really have a choice. It's the one shop in town. If you want this, you have to pay for it. We have an E5 license, which I believe is the most expensive license.

From an AAD standpoint, I don't think we've had any issues. The data replicates correctly and no one really has a problem with their credentials from AAD. It's meeting our expectations.

The most valuable features are

• authentication
• authorization
• two-factor authentication
• I have never had a failure.

It's multi-tenant, residing in multiple locations. Authentication happens quickly. Irrespective of whether I'm in Australia, the US, India, or Africa, I don't see any latency. Those are the good features that I rely on.

It also has a variable extension, which is an added value because in Active Directory, if you have to do a schema, you have to make changes on multiple Active Directory instances. But here, as the extension attribute can be done from the application level, it helps you provide the provisioning. 

Another good reason for using Azure AD is that it can connect with other SaaS services. It also has SSOs, which, along with the MFA, makes authentication much easier.

One area where it can improve is connectivity with other systems. Not all systems are connected and you have to do coding to establish a point of connectivity. It supports certain vendors and it supports certain protocols. It is limited in many other aspects at the attribute level.

Also, some of the provisioning filters are not capable enough. You cannot do a date filter on the provisioning.

Perhaps they could also have easy protocols to create the accounts. Instead of just a file upload, they should have an easy connector to do the provisioning part.

I work in a service-based company and I've been using Azure Active Directory for my customers for around 10 years now.

From 2020 to 2022, there have not been more than two or three outages, and none was more than three to four hours long. And those outages may not have occurred the whole time in the entire environment, they may only have been in certain places.

When there is an outage, the end-user experience is affected, but that happens in AWS and in Azure. It happens with any SaaS product. Overall, it has not affected the end-user experience, but when there is an outage in Azure, it will have an impact on our environment.

It's scalable, but if you need more than one region, you have to pay for it. You have to think about how you want the service to be available.

The technical support is good.

Positive

The initial setup is easy and straightforward. Setting up Azure AD doesn't require you to do anything. You buy the product from Microsoft and Microsoft sets it up for you. You just establish the connectivity to it. It does not take more than a week or two to complete the setup.

The number of employees you require for deployment and maintenance of the solution depends on how you have set up your provisioning platform. If it is automated, you can have one resource. If you're still in manual, then it depends on the volume of the workload.

Licenses are based on the usage. There is no cap. It's based on the number of users we provision.

A SaaS solution is the best product. You get it at a better price and you have many Windows-based services that are included for free.

I would definitely recommend using Azure AD. Many companies are moving from other vendors to Azure because every company uses Office 365 anyway for Word, Excel, and PowerPoint. As soon as you use that, by default, you get an Azure AD account. If you have an Azure AD account, you definitely have features to use. Why would you want to go for another product?

Overall, I haven't seen any major issues with the product.

This solution is useful for user management because it is integrated with DNS.

The solution is deployed on cloud and on-premises. We're using the latest version.

We have about 200-250 users. All of our users have local and Active Directory. We don't have plans to increase usage.

It's user friendly.

The solution could be cheaper.

We have been using this solution for about five years.

It's stable.

The solution is scalable.

Technical support is good.

Installation is straightforward. It only took a couple of hours to set everything up.

We pay a yearly license. Licenses are very expensive.

Typically, we have applications deployed within the office network that we need to make accessible to our staff outside of the bank. Some of them are also our clients, but mainly, this is for people working in the region.

So without having to put them behind firewalls, what we opted to do is publish them to the proxy. This means that they can then come in via a secure port and begin to access the resources as if they were internally and securely within the network.

The most valuable feature is the ability to set up conditional access, where you can enforce users to connect using multifactor authentication. This is one of the things that we are using it for. It means that users who are accessing the applications remotely are authentic.

Technical support could be faster.

I have been using this product for three years.

This solution is stable and we plan to increase our usage.

It is a scalable product. It can be deployed in a highly available manner, where you have to have two or three connectors. We have approximately 7,000 users.

We are satisfied with the technical support from Microsoft, although it could be faster.

This product is part of our enterprise license and we did not previously use a different one.

This is a cloud service, so the initial setup is straightforward. It is not complex.

For each request, it does not take very long.

We deployed this product ourselves.

No staff is required for maintenance.

This product is sold as part of the enterprise package and our licensing fees are paid on a yearly basis. You can get it as an add-on and it's not expensive.

I have not evaluated other solutions, which makes it difficult to tell what additional features I would like to see in the future. It is sufficient and adequate for our current use case.

In our current use case, there is nothing that is lacking. This is definitely a product that I can recommend for other users.

I would rate this solution an eight out of ten.

We use the solution for single sign-on. 

The product is easy to use. 

Microsoft Entra ID should improve workload identities. It should set conditional access. 

I have been using the product for six years. 

My company has 5000 end users. I rate the product's scalability a nine out of ten. 

The tool's support is not good. However, the documentation is good. 

Negative

The tool's deployment is easy. 

We relied on two resources for deployment. 

I have seen ROI with the tool's use. 

The solution was fairly priced the last time I checked the costs. 

Microsoft Entra ID has helped us save money. It also helped us save 70 percent of the time. I rate it a nine out of ten. 

We migrated about 3,000 computers from on-prem Active Directory to Azure Active Directory or Azure AD. 

These are still early days, but we are certain that it will improve our organization as we move away from on-prem Active Directory.

It provides a single pane of glass for managing user access, but we have to get more into it to be able to say that for sure. We have got so many different tools. It would be nice to have less tools. We are starting to take a look at how to consolidate tools.

It will definitely help to save time for our IT administrators.

It has not yet helped to save our organization money. It is too early for that.

The way the laptops are joined is valuable. We can take advantage of that in terms of being able to log in and do things. It is easier to change passwords or set things up.

I would like to dive into some of the things that we saw today around the workflows at this Microsoft event. I cannot say that they need to make it better because I do not have much experience with it, but something that is always applicable to Microsoft is that they need to be able to integrate with their competitors. If you look at IDP, they do not integrate with Okta.

I have been using this solution for about six months. It was not called Entra ID then. It was called Azure AD.

Our dealings have been fine. We do not deal with them so much. When we have to open something, our account managers help us out.

We were on on-prem AD. We moved to Azure AD because of a merger. We were purchased by a larger company, so we are moving on to their domain.

It was in the middle of the road. It was not the easiest thing, and it was also not the hardest thing.

We took the help of a company. They did a good job. They helped us to move a huge amount of data.

It is in line. Because we are so early, we have not had to come back on a cycle where we are having to negotiate again.

I would rate Microsoft Entra ID a nine out of ten. It is very good.

It gives us security when integrating all the Active Directories of all our branches together, giving us a centralized database and authentication.

It has helped save time for our IT administrators. It's seamless for the users because they simply log into the stations, but it's affecting the response time and efficiency of the IT team.

Active Directory itself is the best feature it has. It also gives us a single pane of glass for managing user access.

I have been working with Azure Active Directory for almost a year.

So far, it has been a stable solution.

It is scalable.

We did not have a previous solution.

I am working right now on whether we have seen ROI from the solution.

We are always looking for better pricing. Our agreement is on a monthly basis.

We're planning to use conditional access to access controls, but we have not done so in the meantime.

The solution doesn't require much maintenance; we're talking about two or three people.

When we access the API, we use Microsoft Authenticator. Something with potential will be saved, and if the company has some use cases to connect to some database, I will use it as well, or something along those lines.

Normally, because a third party requires it.

It provides you with security. It provides the third party with some level of security.

But vendors like myself do not appreciate it.

The most valuable feature of this solution is that is easy to use.

It is also automated.

I believe it can also be integrated into other Microsoft products, as well as more integrations with other solutions.

I have been working with Microsoft Authenticator for two years.

I am working with the most recent version.

Microsoft Authenticator is quite stable.

I would rate the stability of Microsoft Authenticator a ten out of ten.

Microsoft Authenticator is a scalable solution. 

I would rate the scalability of Microsoft Authenticator an eight out of ten.

As far as I know, we have more than 30 users in our organization. Some are senior professionals and some are developers.

I have never dealt with technical support.

I use UiPath as well as Automation Anywhere.

I started with Authenticator and then moved on to the Namespace version or class that I can import from Microsoft.

I would rate the initial setup a ten out of ten.

It was easy.

It only took a few hours to deploy.

It's an out-of-the-box deployment, but I am not the one who manages it.

One person was involved in the deployment.

I would recommend this solution to others who are interested in using it. It is easy to use and it fits its purpose.

Because it is scalable and reliable, I would rate Microsoft Authenticator an eight out of ten.