We primarily use the solution to take users into our AD. That's the basic purpose. We are using it in our whole organization so that our AD is synced.
Overall, the solution is quite good.
There are a few additional functionalities that are very compatible. For example, device management is there and creating a custom role, which reduces the task of restricting the user from AD, if the person is on the on-premise AD. If they're using on-premise, they have to create a distribution list, then apply Azure to that. It's simplified in Azure AD, making it easy to create roles and assign them to the users.
In fact, the device management and role assignments are great. These two features I found very compatible. For device management, if you are using an on-prem AD, you have to use some other software like Google admin to manage the devices. However, here, it is integrated into Azure AD. That's a positive aspect of the solution.
Regarding the role assignments, it's a very flexible way to restrict the user, or, if you want to customize access, that can be done as well.
The activity log, which is a way to see who made what changes, is quite useful.
Azure AD has features that helped improve our security posture. It is SSO - Single Sign-On. We can manage the users very easily and we can apply SSO and MFA to them.
I'll give it a score of four out of five for the security posture on offer.
For whatever company I'm working for, we cannot fully put the data on the cloud due to compliance. Rather, you have to keep some data on-premises. That’s why it’s great that we can use the hybrid approach with Microsoft.
Azure AD has not affected our end-user experience in any way. The transition is also quite smooth. If you're using an AD Connect to sync from your on-premises to your Azure AD, nothing has come up from the end-users in terms of issues or problems.
It has made our work easier in that it’s simplified everything for us. It has eliminated a few of the third-party tools, which we used to use. For example, we had a dependency on Google admin due to the fact that we could see where we could manage the devices of the user. That has been integrated directly to Azure AD.
The solution has not saved costs. While we’ve eliminated some tools, there are some other features that we are dependent on as admin, which is not yet integrated with Azure AD.
Other features have a broader scope and are covered under Azure. If, for example, I want to create a workflow, that cannot be done in Azure AD. That is something that is done in the Azure function or Azure logic app. Parts have to be covered in other functions.
Longer-term, there are some features which might be added, such as admin features similar to Google admin. If I'm an employee and I'm exiting the company, for example, I need to transfer that data from myself to my manager. For that, maybe they could include a feature where they can transfer the data from the user directly and we don't have to rely on any admins.
I've been using Azure AD for one and a half years. Before, we were on-premises.
The stability is quite good. It has already been integrated with SSO or MFA. From a security perspective, it's quite stable.
The scalability is pretty fair. Azure is doing quite good work in the cloud. It's one of the top clouds. Scalability is not an issue, for Azure AD at least.
We have approximately 800 users overall, between our India and Phoenix offices.
We have ten administrators working with this tool in your organization. They are mostly assistant admins. There are two people who are working as global administrators. They do all the configurations.
I haven't worked with Microsoft regarding this solution.
My past experience is limited to Azure AD. We also work with Azure Monitor and Azure Logic.
The initial setup is pretty much a straightforward process. I've set up another AD Connect and the process was done in 15 minutes. If you have proper documentation, you can go through it very, very smoothly. That's what my understanding is.
The solution doesn't require any maintenance.
We've definitely seen an ROI. I can't speak to the pricing part, however, when I see it as an administrator, I definitely see the value for money for our organization. A lot of functionalities have been added, with still more plans to add a few more features. There clearly has been a value addition.
I don't have any insight on the pricing end as that is always managed by our team leader. They take care of all the pricing activities, et cetera. Any pricing-related information I don't have knowledge of.
In terms of deployment, we are on a hybrid structure, where we are using an AD Connect to sync our on-prem users to Azure.
I'd rate the solution at a nine out of ten.
A lot of functions have been included as compared to the on-premises deployment. Compared with competitors such as AWS and Google Cloud, it is in a different league. For example, AWS also has good features, however, this is more simplified and it's a Microsoft product, so you can rely on it for the long term.