Azure AD is primarily used as the backend for all Microsoft Office 365 user accounts and licensing, as well as for securing those accounts. Endpoint Manager is also utilized, which is part of domain control in the cloud, even though it is not Azure AD.
Azure AD has enabled the organization to set up single sign-on to all applications and has consolidated everything to a single cloud authentication for users. This saved a lot of time by not having to administer accounts in multiple systems, and it has also made it easy to control user identity for all cloud and internal applications. Security features such as attack surface rules and conditional access rules are also highly valuable and help the organization feel safe with all its user accounts. The Entra conditional access feature is used to enforce fine-tuned and adaptive access controls, and it is perfect for verifying users in line with the Zero Trust strategy. Overall, Azure AD enabled the organization to control one set of accounts and policies for everything, providing a huge benefit.
The security features, such as attack surface rules and conditional access rules, are the most valuable aspects of Azure AD.
The only improvement would be for everything to be instant in terms of applying changes and propagating them to systems.
I've been using this solution since 2017.
The stability of Azure AD is perfect.
Azure AD is highly scalable and enables the organization to control everything from one office.
The support channel for Azure AD is probably pretty good, although there was a strange experience with technical support once. Overall, the customer service and support would be rated as positive, with an eight out of ten rating.
I have never used any other products except Google Workspace, which is very intuitive but not comparable to an identity system.
The initial setup of Azure AD was quick and took just a workday or two, although tweaking it took about a week. The implementation of Azure AD probably took about 48 hours. In terms of maintenance, Azure AD doesn't require any maintenance as it is a cloud service that is always up to date.
At the time, we used contractors to set it up because it was new to us. If I was going to do it today, it wouldn't be that complex for me because I now know the ins and outs of it, but at that time, we contracted people to help us set it up so that we could do it with the best practice. We probably had just one contractor and then we just helped out.
For those looking to implement Azure AD in their organization for the first time, it would be recommended to get rid of the legacy Active Directory right away and go straight to Azure AD instead of starting out hybrid and having to wind that down. If local Active Directory isn't needed, it's best to move all authentication over to the cloud and scrap the Active Directory domain controllers. The Entra portal is a huge benefit as it provides a consolidated view of everything and makes it easier to navigate security, users, conditional access, and identity protection.
Microsoft has been consolidating the view to provide a single pane of glass. It has been more and more down to that. They're now out with something called Entra. It's the Entra portal, and it has a very consolidated view of everything I need to do. Microsoft Entra is basically Endpoint Manager, Microsoft Defender, and Azure Active Directory pulled together for an easy view and ease of navigation. I've started to use Entra a little bit. It has only been out for a little while, but it was created to simplify finding everything. So, instead of navigating through the portal at Azure, I've started using Entra. I like it a lot. At first glance, it looks very intuitive, especially based on how I've been navigating until now.
What Entra is doing is a huge benefit. If you're starting up today, it's much easier to get into security, users and conditional access, and identity protection. They've consolidated most of the important things there. You can navigate to everything from there, but they draw forth the most important ones in a more intuitive way. They've done that, and what they've done with Entra is what was missing.
Overall, I'd rate Azure Active Directory an eight out of ten.