Microsoft Entra ID Reviews

We use the solution for single sign-on. 

The product is easy to use. 

Microsoft Entra ID should improve workload identities. It should set conditional access. 

I have been using the product for six years. 

My company has 5000 end users. I rate the product's scalability a nine out of ten. 

The tool's support is not good. However, the documentation is good. 

Negative

The tool's deployment is easy. 

We relied on two resources for deployment. 

I have seen ROI with the tool's use. 

The solution was fairly priced the last time I checked the costs. 

Microsoft Entra ID has helped us save money. It also helped us save 70 percent of the time. I rate it a nine out of ten. 

We migrated about 3,000 computers from on-prem Active Directory to Azure Active Directory or Azure AD. 

These are still early days, but we are certain that it will improve our organization as we move away from on-prem Active Directory.

It provides a single pane of glass for managing user access, but we have to get more into it to be able to say that for sure. We have got so many different tools. It would be nice to have less tools. We are starting to take a look at how to consolidate tools.

It will definitely help to save time for our IT administrators.

It has not yet helped to save our organization money. It is too early for that.

The way the laptops are joined is valuable. We can take advantage of that in terms of being able to log in and do things. It is easier to change passwords or set things up.

I would like to dive into some of the things that we saw today around the workflows at this Microsoft event. I cannot say that they need to make it better because I do not have much experience with it, but something that is always applicable to Microsoft is that they need to be able to integrate with their competitors. If you look at IDP, they do not integrate with Okta.

I have been using this solution for about six months. It was not called Entra ID then. It was called Azure AD.

Our dealings have been fine. We do not deal with them so much. When we have to open something, our account managers help us out.

We were on on-prem AD. We moved to Azure AD because of a merger. We were purchased by a larger company, so we are moving on to their domain.

It was in the middle of the road. It was not the easiest thing, and it was also not the hardest thing.

We took the help of a company. They did a good job. They helped us to move a huge amount of data.

It is in line. Because we are so early, we have not had to come back on a cycle where we are having to negotiate again.

I would rate Microsoft Entra ID a nine out of ten. It is very good.

Azure AD is primarily used as the backend for all Microsoft Office 365 user accounts and licensing, as well as for securing those accounts. Endpoint Manager is also utilized, which is part of domain control in the cloud, even though it is not Azure AD.

Azure AD has enabled the organization to set up single sign-on to all applications and has consolidated everything to a single cloud authentication for users. This saved a lot of time by not having to administer accounts in multiple systems, and it has also made it easy to control user identity for all cloud and internal applications. Security features such as attack surface rules and conditional access rules are also highly valuable and help the organization feel safe with all its user accounts. The Entra conditional access feature is used to enforce fine-tuned and adaptive access controls, and it is perfect for verifying users in line with the Zero Trust strategy. Overall, Azure AD enabled the organization to control one set of accounts and policies for everything, providing a huge benefit.

The security features, such as attack surface rules and conditional access rules, are the most valuable aspects of Azure AD.

The only improvement would be for everything to be instant in terms of applying changes and propagating them to systems.

I've been using this solution since 2017.

The stability of Azure AD is perfect.

Azure AD is highly scalable and enables the organization to control everything from one office.

The support channel for Azure AD is probably pretty good, although there was a strange experience with technical support once. Overall, the customer service and support would be rated as positive, with an eight out of ten rating.

Positive

I have never used any other products except Google Workspace, which is very intuitive but not comparable to an identity system.

The initial setup of Azure AD was quick and took just a workday or two, although tweaking it took about a week. The implementation of Azure AD probably took about 48 hours. In terms of maintenance, Azure AD doesn't require any maintenance as it is a cloud service that is always up to date.

At the time, we used contractors to set it up because it was new to us. If I was going to do it today, it wouldn't be that complex for me because I now know the ins and outs of it, but at that time, we contracted people to help us set it up so that we could do it with the best practice. We probably had just one contractor and then we just helped out.

For those looking to implement Azure AD in their organization for the first time, it would be recommended to get rid of the legacy Active Directory right away and go straight to Azure AD instead of starting out hybrid and having to wind that down. If local Active Directory isn't needed, it's best to move all authentication over to the cloud and scrap the Active Directory domain controllers. The Entra portal is a huge benefit as it provides a consolidated view of everything and makes it easier to navigate security, users, conditional access, and identity protection.

Microsoft has been consolidating the view to provide a single pane of glass. It has been more and more down to that. They're now out with something called Entra. It's the Entra portal, and it has a very consolidated view of everything I need to do. Microsoft Entra is basically Endpoint Manager, Microsoft Defender, and Azure Active Directory pulled together for an easy view and ease of navigation. I've started to use Entra a little bit. It has only been out for a little while, but it was created to simplify finding everything. So, instead of navigating through the portal at Azure, I've started using Entra. I like it a lot. At first glance, it looks very intuitive, especially based on how I've been navigating until now. 

What Entra is doing is a huge benefit. If you're starting up today, it's much easier to get into security, users and conditional access, and identity protection. They've consolidated most of the important things there. You can navigate to everything from there, but they draw forth the most important ones in a more intuitive way. They've done that, and what they've done with Entra is what was missing.

Overall, I'd rate Azure Active Directory an eight out of ten. 

We use Active Directory to manage our main database and control students and staff access with rules and passwords. Usernames, emails, etc., are all integrated with Active Directory. Office 365 is also integrated with our Active Directory.

The best thing about Active Directory is its compatibility. It works with lots of third-party vendors. We're using multiple products, and they're all integrated with our Active Directory.

Active Directory could always be more secure. Right now, we've got two-factor authentications. All services based on Active Directory have a username and password. If somebody hacked our username, they could easily get all the data from our side. So I want two-factor authentication and a stronger password policy from Active Directory. The domain controllers should be more secure as well.

We've been using Microsoft Active Directory for more than 10 years. 

Active Directory is a stable, scalable product.

Microsoft technical support is very good. They call us back and resolve the problem.

The setup is effortless because we've been using this solution for a while. We are familiar with the setup now, so it's easier.

We get a discount because we're working in the education sector. 

I rate Active Directory eight out of 10. I think this is a good product. Most enterprises are using this. We don't currently have any plans to switch, but we're planning to migrate more into the cloud. However, cloud service is still costly, so we are working on the premiums. I would recommend Active Directory for any large-scale company, organization, or university. 

We just use the solution for the authentication and the provision access control, among other tasks.

The access control aspect of the authentication is the solution's most valuable aspect.

The single sign-on is very convenient for us.

It would be ideal if the solution moved to a passwordless type of environment. It's the future of authentification. It's also more secure and convenient.

I've been using the solution for about a year.

The solution is quite stable. I haven't heard any bad things about it. It doesn't crash or freeze. I can't say that I've seen bugs or glitches. It seems to be very reliable so far.

I believe the solution is scalable, although I have not tried to scale it myself personally.

We have many people on the system, including doctors, nurses, practitioners, assistants, etc. It might be around 100 people, give or take.

I've never dealt with technical support for any reason. I wouldn't be able to evaluate their services or discuss their level of responsiveness.

I didn't handle any aspect of the implementation, as I'm not technical in any way. I wouldn't be able to specify if it was complex or straightforward or how the deployment went.

I don't have any insights into the licensing costs. I'm not a part of the accounting or payment process.

Our organizations has a few partnerships with Microsoft.

I don't know which version of the solution we're using. It's most likely the latest, due to the fact that it's a cloud deployment.

The only advice I have for other organizations considering the solution is this: just make sure that you have the right requirements. It's never a carbon copy. Every environment has different needs and requirements.

I'd rate the solution eight out of ten.

The primary use case is actually one interesting one because this customer we're deploying, They don't have Active Directory on-premise, and they need to use some applications that are on-prem, so in order to get authentication to work with those applications we had to come up with a workaround. So it was challenging to come up with that workaround and solution, but it worked quite well.

Azure Ad provides great flexibility even when nothing on-prem can provide user authentication. For cases like this, Microsoft and Citrix worked together to develop a solution that not only work with Azure AD but with other Directory tools to provide authentication via SAML or OAuth.

When logging on to Azure AD it's pretty quick.  This is because it is managed by Microsoft and there isn't too much administrative overhead for our System Administrators in setting up a bunch of complicated policies to allow the users to log on. Basically we lock down the machine with policies but, the user authentication is much faster and simpler. This is something that the users have noticed.

Apart from MFA and the SSO capabilities, I would say one of the amazing
things is that you don't have a limit in the objects that you can create
in Active Directory in Azure. Azure AD Premium doesn't have a limit in
terms of User/Computer objects you can create,
meaning that you can have a massive AD domain and it won't matter
because Azure AD can handle that. You can have 100.000 users in your
domain and keep growing if you want to. Azure AD can grow as required
and since it is PaaS you don't need to worry about provision
more hardware to keep performance up.

The natural evolution of things because obviously Azure Active Directory has a way to authenticate against on-prem normally you would need to have a Domain Controller on-premise and have either SSO or or Federation Services to be able to engage those two components and be able to allow authentication. But, having everything on the cloud as this customer didn't want anything on-prem only their network devices and some security devices and the limited applications, apart from that, they don't have anything to authenticate users on-prem. Having everything in the cloud and Active Directory, Azure AD is not able to provide Kerberos or Kerberos authentication if you're running only Azure AD it is a limitation. I think it's the next evolution of things. That's what the future is going to look like. There will barely be a be a need for any stuff on-prem. Everything will be on the cloud.

Less than one year.

We find it stable. It definitely has less issues than when you have Acive Directory on-prem. In terms of your connection from Azure Active Directory to your on-prem network is, you're using say, ExpressRoute or a point to point VPN, you don't notice any authentication problems or the computer lost the relationship with the domain, stuff like that. It's something that I haven't seen since I started working with Azure AD, so in terms of the stability and being reliable and not cause too many errors when you're working with it its something that I notice, if I compare with Active Directory on-premise and Azure AD.

We have a medium organization of about 4,000 users. There have been no issues with scalability. We're located here in Asia-Pacific we're using one of the data centers in Sydney, and in terms of scaling up the solution, the initial deployment and the initial design that we did has been enough. We also foresee in three or four years how the growth expectation in terms of users in, especially for one customer in particular.  We don't predict too much growth in terms of users. They're not going to grow from one year to the other in 10,000, 15,000 users but, the design can cope with that amount of users in terms of Active Directory.

Most of the time that I have dealt with tech support, it's very good.  They're very knowledgeable. The specialists are spot-on they definitely understand the problem from the beginning even though they don't know anything about the environment, but when you explain it to them and what the problem is they can give you pointers on what to do, and how to fix it and articles to read on how to fix it so they're very good. I would give it five out of five stars. However, I've seen times when we had to wait a long time to get answers if the call is not a high priority one, but most of the time when you're having an urgent incident they understand the critical of the issue and act accordingly.

Configuring the domain and setting it up in the Azure portal is just three clicks to be honest. You just need to configure your domain name, you need to configure your subscription to Azure and after that you can just start creating users or different groups that you want users on and depending on your security criteria or how many users. But, the process of actually setting up the tenancy is it's not that hard. I would say it's the work that comes after that requires time and some planning, you know. One must determine how many users you will have and how many domain controllers you need overall. I would say it's not very complicated but it's the planning and fine-tuning that comes afterwards that needs time.

I am not familiar with the pricing of the solution.

I don't know if it's something that's going to be addressed in the future, or not, but having Azure AD the boundary of action for Active Directory as a region when you define the domain so you can't extend the domain to another region because it's a limitation that Azure AD has that doesn't allow you to extend the domain to another region for say geolocation purposes or disaster recovery.  If you have your Azure AD on the Sydney data center, you're not going to be able to extend that to say, Singapore. But, it is not highly unlikely, but it's a very rare occasion that you lose a region or a whole data center. It can happen, obviously, but it's very unusual. So the chances of that happens are very low. When we did the design for this customer that was one of the limitations that we mentioned, and they were happy with it because you know Microsoft is a respectable company and obviously they would do the best to keep their data centers running all the time. And, to keep the cloud infrastructure for their customers online all the time. So they accepted the limitation or the risk and  we went ahead and did it. But that's definitely something that I notice as a limitation to me.

In my opinion, you have a good look at your current infrastructure and make a decision on what is fit for the cloud, and what is not, because there are certain applications, or certain systems, that it will take longer time to migrate to the cloud. Normally, this is a good approach and is actually the Microsoft approach, as they recommend you to go hybrid first. First, you do a very good assessment and then you migrate your on-prem AD to Azure AD and the systems that support your operation will follow in time, if remediations are required, but it is a journey to work better and more efficiently.

I have been working with a medication company and we are building an LMS system. We have an older version and we've decided to develop a new version of it. We are building the entire system on the cloud and using new technology.  We started the process on Azure cloud, but we have later plans to try AWS, but for now, we are using Azure Active Directory.

Having access to Azure Active Directory on the cloud gives us speed and use of the latest technology. The application services are very good, such as GitHub.

Azure Active Directory could be made easier to use. We have large amounts of data and storage. We are looking for video files and media content for applications, we will think about options, such as cloud storage or a CDN.

I have been using Azure Active Directory for approximately three years.

I have not found any problems with the stability of Azure Active Directory.

The support for Microsoft is good. We do have a developer support package with them. We create a ticket, they respond back, then there is some back and forth communication. They will have a call with you you and ask for a screenshot of the issue. If you have any issues, they help you. They will follow up with you, the service is not bad. There are times you have to keep following up with them but we were satisfied.

The process of implementing Azure Active Directory is not straightforward. We are currently still setting it up because we are adding more services, setting up the pipelines, and many other things behind the scenes. It's not as simple, it is tough to implement.

The price of Azure Active Directory and Amazon AWS, are almost the same, but most people prefer Amazon AWS because they find it's a little cheaper to some extent and an easier platform to use. 

The prices we pay for the solution can vary because we are adding more services a lot of the time, the price keeps going up and down. The price has been one thousand before but we are still adding more services. The price depends on what services you are using.

We are paying for support to use this solution which is an additional cost.

People have personal preferences in respect to choosing a cloud provider because there are many out there. In terms of support, you have to know exactly what you're looking for and get the pricing figured out. It is important to come up with a proper plan for the implementation.

I rate Azure Active Directory an eight out of ten.

We primarily use the product for the authentication for all of Office 365. It is also my single sign-on solution.

The solution is stable.

It's a very easy product to set up.

The product can scale well.

Technical support has been great.

It's an affordable solution.

The synchronization with my AD is not the best. The synchronization between my AD and Azure AD needs improvement. For example, for reports, et cetera, due to the fact that now I have two different ADs - one for local AD and another for Azure AD, the types of fields in the local AD do not sync with Azure AD. It's completely different.

I've been using the solution for four or five years at this point. 

The product is stable. There are no bugs or glitches. It doesn't crash or freeze. It's reliable. The performance is good. 

The scalability is great. You can expand it as needed. We have about 2,000 users on the product right now. 

We've used technical support in the past. They have always been excellent. We're quite happy with its capabilities. 

Previously, I used Okta. I switched to Azure AD due to the fact that it's part of Office 365. It does not have a cost. It's not exactly free; it's part of the Microsoft bundle.

We found the implementation process to be quite straightforward and simple. It's not overly complex or difficult. 

It's pretty inexpensive to use the product, as it comes with the general Mircosoft bundle. Its costs are baked into using Microsoft in general. It makes it pretty affordable. 

I'm an end-user of the product.

We're always on the latest version of the product. Being on the cloud ensures we are always up-to-date on versions. 

I'd rate the product at an eight out of ten.