Microsoft Entra ID Reviews

Anyone who moves to Azure must have Azure Active Directory.

Azure Active Directory is identity management.

It's something we have to deal with every day. It is present. If you're in a domain environment, you'll need it to log in. If you work in a Microsoft-centric environment, you can't avoid it.

It's in the background and anyone who is a member of a Windows domain must have it.

Many people believe that the Azure Active Directory is overly complicated and antiquated.

Active Directory Windows hasn't evolved that much in over 20 years. Azure Active Directory, has a few nuanced elements. It's fairly straightforward.

I have been dealing with Azure Active Directory for well over 25 years.

Azure Active Directory is very stable.

Azure Active Directory is quite scalable.

When you've been dealing with a piece of technology for 25 years, it's simple, but the public perceives it to be complicated and antiquated.

Active Directory is a Windows component that requires a per-user license. If you're on Azure, it can be free or it's incorporated,  at no extra cost, or it can become extremely complicated.

If there is a cost, it is not expensive, but you have to have it if you are running an Active Directory environment. It's a have to have, not a nice to have.

We are partners with Microsoft.

I would rate Azure Active Directory an eight out of ten.

I like Intune's MDM and MI.

I would like it if Intune could manage MacOS or iOS directly. Right now, we have to use a third-party solution. 

I've been working with Intune for four years

I think Intune is more stable compared to five years ago.

Intune's scalability is better now that it's on the cloud. We can deploy to all of our devices without performance suffering.  

Microsoft support is good.

My customers usually do a pilot project. Then it goes to the IT department after that. If they are happy with the features and functionality, then they will deploy it to the users. We typically have no problems, but sometimes we face issues with older devices.

I would like to see Microsoft offer discounts for larger Intune deployments.

I rate Intune nine out of 10. If the user is working with a Microsoft device or license, Intune is really powerful because it has a bundled license. Still, if we need to manage another system, Intune is too expensive. If the ecosystem is Microsoft, I recommend Intune because it's Microsoft's end-to-end solution. 

• Office 365 authentication
• SSO for ServiceNow
• SSO for other cloud applications.

Improved user experience with SSO logins.

Keeping the same credentials as Active Directory.

Role-based access controls.

We use Office 365. We have different licenses because our users are using mail, mail strategies, Microsoft Teams, and the Office package. We use a lot of different services. We use Microsoft Intune, which is connected to Azure and other services like Conditional Access, which we also use. Microsoft Defender is another one, which is also connected to Azure.

The solution is deployed fully in the cloud through Microsoft Azure. We are using the latest version. The solution is on cloud, so we cannot control the version we're using. That is controlled by Microsoft.

We are satisfied with this solution because we use all of its features.

Reading documentation could be simplified. Technical support could also be faster.

We have used Azure Active Directory for several years.

We haven't had any problems with stability. Everything works fine.

We haven't had any issues with scalability.

We have approximately 500 users in our organization. We have plans to increase the number of people in our company and products because we're fully integrated with Microsoft and we will continue to use this solution and new ones.

We are an IT company, so the people who are using this solution are software developers.

I'm not satisfied with technical support. On a scale of 1 to 5, I would give it a 2.

Sometimes it is the first-line support, and it takes a lot of time to explain the problem. One problem can be discussed in one month. I even have some examples in the past where I created a request, my problem wasn't resolved, I found solution on the internet. It was faster than receiving a reply from Microsoft.

Previously, we used Active Directory on-premise. We also used different products from different vendors.

We switched to Microsoft because it is in the cloud and because of business continuity. For our company, it is better to use everything on the cloud than to keep it on-premise.

It's also better to go to the cloud because of security reasons.

On a scale of 1 to 5, I would rate the difficulty of setup as a 3. It's of medium difficulty.

With setup, sometimes there are difficulties with reading documentation because if you want to implement something, you have to go to Microsoft's instructions, and you will be redirected from one page to another. After reading about just one topic, you have to open 20 new tabs. Every time, you have to jump between instructions, from one instruction to another. I don't like this approach, personally. It should be done in one document, and the instructions could be a little bit simpler for the user.

We implemented Microsoft step-by-step, because first we only used the Office package. Then we started using the Intune solution. Later, we implemented Microsoft Defender, and continued working with Conditional Access. It is not like one setup, so it's a continuous process. It depends on organization scale and the needs from organization.

We deployed the solution ourselves.

The price is fine. It's a good value for the money compared with other solutions.

I cannot provide the exact numbers because we use a different type of licensing. For Azure, we have an Office 365 license. We also have a Microsoft Gold partnership and some products are included in one license.

I would rate this solution 8 out of 10.

The product is really good, but it's up to each company to decide.

Containerization is mainly what I've been dealing with lately. I've been trying to provide solutions with Active Directory and cloud resolutions so that Edge services can communicate properly to the main data centers.

We use Active Directory for global authentication.

The advantage of Azure Active Directory is that it's a cloud environment, so just about anybody can get to it. As long as you can get to the cloud, you can get to the internet. You can authenticate offshore resources to client services, which is what my present company does. That kind of authentication is much more advantageous as an Active Directory solution.

If you want to replicate a website at the frontend in Azure, it's very easy to do it globally.

As soon as you authenticate to the web storage, where you hit the frontend, then you can redirect to whatever resources locally that are duplicated.

It doesn't function the same way as Active Directory inside of a physical infrastructure. Even VMware Active Directory doesn't function the same way in the cloud. Cloud is all flat. That's one of the disadvantages. You can authenticate through Active Directory through Federated Services, but it's mainly like an IIS web frontend and bulk storage.

It's all record based.

I've dealt with Azure Active Directory for about three years.

It is a cloud solution.

Stability-wise, it is much more secure and stable than AWS. Oddly enough, a lot of people think that AWS has many more regions and sites. It's actually not true. Azure has far more. There's a good reason why the government jumped right on Azure and uses it for their internal resources.

It is very scalable.

Microsoft technical support is very responsive. If you buy the enterprise package, then when you call them, they will jump right in and help you out.

When one of our clients had a ransomware outbreak, Microsoft helped them solve quite a lot and helped them get up and running.

The initial setup is very straightforward. Microsoft is very good about helping you get things set up, and they're very responsive.

We evaluated AWS AD. AWS support will provide bits and pieces, but Microsoft will jump in and help out. Of course, you have to pay the price for the corporate support, but who wouldn't want that, especially when your whole environment is a Microsoft environment.

It works really well, and I would rate it at nine on a scale from one to ten. You need good training, and Microsoft will provide that for free as part of their package.

The primary use case is actually one interesting one because this customer we're deploying, They don't have Active Directory on-premise, and they need to use some applications that are on-prem, so in order to get authentication to work with those applications we had to come up with a workaround. So it was challenging to come up with that workaround and solution, but it worked quite well.

Azure Ad provides great flexibility even when nothing on-prem can provide user authentication. For cases like this, Microsoft and Citrix worked together to develop a solution that not only work with Azure AD but with other Directory tools to provide authentication via SAML or OAuth.

When logging on to Azure AD it's pretty quick.  This is because it is managed by Microsoft and there isn't too much administrative overhead for our System Administrators in setting up a bunch of complicated policies to allow the users to log on. Basically we lock down the machine with policies but, the user authentication is much faster and simpler. This is something that the users have noticed.

Apart from MFA and the SSO capabilities, I would say one of the amazing
things is that you don't have a limit in the objects that you can create
in Active Directory in Azure. Azure AD Premium doesn't have a limit in
terms of User/Computer objects you can create,
meaning that you can have a massive AD domain and it won't matter
because Azure AD can handle that. You can have 100.000 users in your
domain and keep growing if you want to. Azure AD can grow as required
and since it is PaaS you don't need to worry about provision
more hardware to keep performance up.

The natural evolution of things because obviously Azure Active Directory has a way to authenticate against on-prem normally you would need to have a Domain Controller on-premise and have either SSO or or Federation Services to be able to engage those two components and be able to allow authentication. But, having everything on the cloud as this customer didn't want anything on-prem only their network devices and some security devices and the limited applications, apart from that, they don't have anything to authenticate users on-prem. Having everything in the cloud and Active Directory, Azure AD is not able to provide Kerberos or Kerberos authentication if you're running only Azure AD it is a limitation. I think it's the next evolution of things. That's what the future is going to look like. There will barely be a be a need for any stuff on-prem. Everything will be on the cloud.

Less than one year.

We find it stable. It definitely has less issues than when you have Acive Directory on-prem. In terms of your connection from Azure Active Directory to your on-prem network is, you're using say, ExpressRoute or a point to point VPN, you don't notice any authentication problems or the computer lost the relationship with the domain, stuff like that. It's something that I haven't seen since I started working with Azure AD, so in terms of the stability and being reliable and not cause too many errors when you're working with it its something that I notice, if I compare with Active Directory on-premise and Azure AD.

We have a medium organization of about 4,000 users. There have been no issues with scalability. We're located here in Asia-Pacific we're using one of the data centers in Sydney, and in terms of scaling up the solution, the initial deployment and the initial design that we did has been enough. We also foresee in three or four years how the growth expectation in terms of users in, especially for one customer in particular.  We don't predict too much growth in terms of users. They're not going to grow from one year to the other in 10,000, 15,000 users but, the design can cope with that amount of users in terms of Active Directory.

Most of the time that I have dealt with tech support, it's very good.  They're very knowledgeable. The specialists are spot-on they definitely understand the problem from the beginning even though they don't know anything about the environment, but when you explain it to them and what the problem is they can give you pointers on what to do, and how to fix it and articles to read on how to fix it so they're very good. I would give it five out of five stars. However, I've seen times when we had to wait a long time to get answers if the call is not a high priority one, but most of the time when you're having an urgent incident they understand the critical of the issue and act accordingly.

Configuring the domain and setting it up in the Azure portal is just three clicks to be honest. You just need to configure your domain name, you need to configure your subscription to Azure and after that you can just start creating users or different groups that you want users on and depending on your security criteria or how many users. But, the process of actually setting up the tenancy is it's not that hard. I would say it's the work that comes after that requires time and some planning, you know. One must determine how many users you will have and how many domain controllers you need overall. I would say it's not very complicated but it's the planning and fine-tuning that comes afterwards that needs time.

I am not familiar with the pricing of the solution.

I don't know if it's something that's going to be addressed in the future, or not, but having Azure AD the boundary of action for Active Directory as a region when you define the domain so you can't extend the domain to another region because it's a limitation that Azure AD has that doesn't allow you to extend the domain to another region for say geolocation purposes or disaster recovery.  If you have your Azure AD on the Sydney data center, you're not going to be able to extend that to say, Singapore. But, it is not highly unlikely, but it's a very rare occasion that you lose a region or a whole data center. It can happen, obviously, but it's very unusual. So the chances of that happens are very low. When we did the design for this customer that was one of the limitations that we mentioned, and they were happy with it because you know Microsoft is a respectable company and obviously they would do the best to keep their data centers running all the time. And, to keep the cloud infrastructure for their customers online all the time. So they accepted the limitation or the risk and  we went ahead and did it. But that's definitely something that I notice as a limitation to me.

In my opinion, you have a good look at your current infrastructure and make a decision on what is fit for the cloud, and what is not, because there are certain applications, or certain systems, that it will take longer time to migrate to the cloud. Normally, this is a good approach and is actually the Microsoft approach, as they recommend you to go hybrid first. First, you do a very good assessment and then you migrate your on-prem AD to Azure AD and the systems that support your operation will follow in time, if remediations are required, but it is a journey to work better and more efficiently.

My primary use case is for Azure Active Directory is user management, creating users, assigning them access to network resources, network drives, resetting passwords, and dissembling users.

This solution has helped my organization by allowing us simple management of identities within the organization for integration with the single sign-on system unifying access to applications for mobile devices and management. 

AD is the starting point for the unification of access control, or for using those identities within AD. Without it, we would not be able to give our users access to applications from different devices, whether they are Mac OS, Windows 10, Android, or any other operating system.

Azure Active Directory is a very simple utility to use, it has very good visibility and transparency, and an easy-to-use panel.

I have been using Azure Active Directory for approximately one year.

Azure Active Directory's stability is very high.

The scalability is good.

The technical support could improve by having a faster response time.

I rate the support of Azure Active Directory a three out of five.

If you have been running an on-premises implementation of Active Directory Domain Services, then it is only a migration. You migrate the identities from on-premises to the cloud. 

If you are setting it up from scratch, it can be easy too. You can do the migration by using Azure AD Connect, which is mostly a straightforward process.

Everything begins with the design of the domain structure. If it is well designed, then it is simple to adopt AD from scratch. I am not sure about migrations from other implementations of identity control, but if you are starting from scratch, it is very easy to use.

I would recommend this solution to others.

I rate Azure Active Directory a nine out of ten.

I use Authenticator across my company for controlling access to our platforms and data.

The most valuable feature is the prompt for a number so that you're sure what you're seeing is what you're agreeing to.

It would be an improvement if Authenticator made it easier to recover the app if you reboot your cellphone and lose access.

Authenticator is stable.

The initial setup is straightforward.

Don't delay implementing this solution, it's the best thing you can do for your identity protection. I would rate Authenticator as nine out of ten.