Microsoft Entra ID Reviews

Azure AD is where our primary user data is stored. We get a feed-in from our HCM solution and it creates our users, and then that's where we store all of their authorizations, group memberships, and other relevant details.

We access it through the Azure Portal.

This product has helped improve our security posture because it allows a tie-in into the Microsoft Azure Sentinel product very easily and seamlessly. From a security standpoint, you have the option of conditional access, the option of identity protection, and those types of things. We have incorporated those right into our offering.

Overall, security-wise, this solution has allowed us to be more flexible. When you had just Active Directory and it was an on-premise solution, you had to do a lot of manipulation to get SaaS products working. You had to do a lot of customizing and those types of things. With Azure Active Directory, it's more configuration than it is customization. This allows us to be a lot more flexible, which brings about efficiency, better security, and other benefits.

Azure Active Directory has also improved our end-user experience.

Before, most companies including ours would use a customized username that would have random characters for a user. This is different from Azure Active Directory, which uses what looks like the email address as your username. In fact, it can be set up as a genuine email address. Where it differs is on the back end, where it has a unique ID, but on the front end, it's more readable and it's better understandable.

From my user experience, the sign-on is seamless as you go through and use any of Microsoft products. Everything ties right into it, and then as you set up your different applications that are tied into Azure Active Directory, and get the single sign-on, everything becomes a whole lot easier to connect into. From a user experience, it's improved it drastically.

For provisioning users, you start by registering an application as either an enterprise application or a custom application. You can set up from within Azure Active Directory how it is that users connect to it. Microsoft has done a great job with providing a lot of application templates that help to connect and add it into the cloud. Almost every application that you could think of is there. From that point, you can set up provisioning.

To assist with provisioning, they have great documentation. From an admin perspective, much of the work is done for you. After the applications are connected to Azure Active Directory, you assign users and groups, provisioning users via API calls, which is how it's done on the back end, and it ties in using service accounts. Then, you can create a group that has the appropriate permissions such as write permission, full admin rights, or contributor rights, and then provision users into those groups. The system automatically handles it for you at that point.

This product is easy to use.

The features that we use day in and day out are single sign-on, group capabilities, and provisioning capabilities. All of these are very useful.

This product has features such as Conditional Access that improve our security posture. Conditional access gives access only through a timeframe. We have certain policies that we set up, which could be a certain amount of time or it could be a certain type of access. These are examples of types of conditional access.

Another example of a security feature that helps us is Identity Protection, which will perform the automatic detection and remediation of risks.

We also have the ability to go in and investigate any risks using data within the portal, and it's all automated. It's nice in that sense.

These features have significantly improved our security posture and time for remediation. It would be difficult to estimate a time improvement in terms of a percentage, but being that it's automated and there is a portal that displays the risks in real-time, it's a very significant change. Previously, we had to go through and look at logs and those types of things, which was time-consuming compared to using the portal.

We also use multi-factor authentication, which is very useful because that gives another layer of security protection for our users. You have to have some sort of device that you can use to provide that second factor, and not just your username and password.

The provisioning capability is a two-edged sword because it is very useful, but it also needs some improvement. When you start to deal with legacy applications, provisioning is not as intuitive. Legacy applications, a lot of times, were based on an on-premise Active Directory and you had to use it to provision users or grant access to the product. I don't know of a way to make Azure Active Directory act as an on-premises version to connect to those legacy applications.

The speed and responsiveness of the technical support are things that could use some improvement.

We have been using Azure Active Directory since October of 2018, nearly three years ago.

The stability is not too bad. It's usually other issues that go on within Microsoft Azure. Whenever Microsoft Azure is down, the Azure Active Directory service sometimes can be down intermittently, depending on where things are at.

It is important to remember that it's not always the Azure Active Directory component that is down. Rather, a lot of the time, there is an app that is tied into Azure Active Directory causing the problem. I think we've had one incident in the last year that was tied directly to Azure Active Directory, where it was down from a SaaS perspective.

This solution scales very well. We were able to tie into our previous company and then bring on all of those users in a very quick amount of time. This included making sure that they could all log in and get access. We haven't really had any issues from that standpoint.

In terms of the users, you can add B2B and you can add B2C, as well. Scalability-wise, it's been good for us. We have between 15,000 and 20,000 users, which is fully scaled at the moment.

We have plans to do further B2B, as we work with our retail partners. We have a lot of retail partners, which is how our business model is structured, and that's something that we're planning on adding and moving forward with.

As far as scaling, going up, or going down, our numbers of Azure Active Directory users are pretty much what they're going to be for the next couple of years. That said, our B2B is definitely going to increase over the same period.

We use Covenant Technology Partners as the first level of technical support. Most of our support tickets actually get escalated from them up to the Microsoft product team.

The Microsoft product team's service is hit or miss, which is something that Microsoft can improve on. They are sometimes slower to react than we would like, but for the most part, they do take our tickets and work on them as they can, to try to figure out ways of remediation.

We did not have any solution prior to this; it was simply an on-premises Active Directory. We were spinning up something brand new to move forward. Being managed saves a lot of time and effort. We migrated our users over from the Active Directory that the prior owners had, but they managed it all, we did not.

It was very easy to get set up and running. Basically, you log into the Azure portal, you have your tenant that you're already connected into, you add a domain and then you just go. You add your first user and then you continue from there.

Our deployment started in October of that year, we had our first users within a week, and then we pretty much provisioned all of our users within a month. It was a pretty quick turnaround.

At the time of deployment, we were in the middle of a divestiture. As such, our implementation strategy included spinning up a brand new Active Directory so that we could start to migrate our users over from our previous owners into a new one that we would control. Consequently, we started from scratch.

I know that a lot of companies are not doing that. Rather, many are starting with an Active Directory and then moving into Azure Active Directory, but for us, it was a clean slate. We then started to incorporate methods of synching with our previous owner so that we could get all of the data from them and continue to march towards a separation.

We brought in consultants only because we didn't have the manpower at the time when we got started. I believe there was one other person besides myself, we were both at the director level, and neither of us had been given the time to build out our teams by that point. The third-party consulting company that we brought in assisted us to help us and assist us in getting everything set up and built out.

The company was Covenant Technology Partners and our experience with them was very good. They were able to help us get everything set up and running right away. Overall, it went very smoothly.

With respect to day-to-day maintenance, we have a lot of it automated. We've tied it into ServiceNow and a lot of our user additions, modifications, deletions, and other operations are things that we have automated via ServiceNow workflow.

I do have a team of three engineers under a manager that currently manages it, but they don't spend any more than probably 5% of their time, daily, dealing with it.

It is difficult to estimate our return when we didn't own anything beforehand. There is no real basis for comparison. That said, the automation capabilities cut down manual provisioning, manual adding, removing, deletion, editing, and those types of things, of user fields. I would say those are the big savings, and it's helpful that you can easily do the automation tie-in into Azure Active Directory.

Anytime you are dealing with Microsoft and licensing, it is always interesting. We have various levels of their licensing, which includes users on different levels of their enterprise offering. For example, some are on E3, whereas others are on E5. The differences between them have to do with the various features that we use.

We're a Microsoft Teams company and we use it not only for collaboration and instant messaging, but we also use it as our phone system. We did all of that together, so when we spun up Azure Active Directory, we also spun out Microsoft teams to use as our phones and flipped off of an old PBX system. It's been very useful but the licensing can be complicated when you get into the retail partners and guests. But for the most part, Microsoft has done a good job of explaining the different levels and what we need and has given us the proper licensing.

There are no additional fees for Azure Active Directory.

We did not evaluate other vendors. Our plan was to implement Microsoft Azure as our cloud solution, as well as go forward with Azure Active Directory. That was the plan from the get-go.

I know that Okta was out there, as well as a couple of other options, but that was never really a consideration for us.

The biggest lesson that I have learned from using this product is that because it is a SaaS solution, it's easy to get set up and configured. It doesn't take a lot of overhead to run and quite honestly, the security on it is getting better. Microsoft continues to pump more security features into it.

My advice for anybody who is considering Azure Active Directory is that if you have Microsoft products that you are currently already using, I would definitely recommend it. This is a solution that seamlessly ties into your Office products, and into any Microsoft product, and it's really easy to manage. You can spin it up quickly, implement it, and get going right away. You are able to tie into your on-premise Active Directory as well. At that point, you can start to sync those two to manage all of your users and all of your groups in one place.

Overall, this is a good product and to me it's perfect but at the same time, nothing is perfect.

I would rate this solution a nine out of ten.

We are a system implementer and this is one of the products that we provide to our clients.

We primarily use this product for identity and access management. Any of our customers using Office 365, which includes Exchange Online and SharePoint Online, are using it for authentication. Worldwide, there are a lot of use cases.

The identity check includes whether the username and password are correct, and it also supports multifactor authentication.

This solution is in the cloud and as soon as users log in to the Office 365 portal, or whatever application you assign to them, it will take care of the identity aspect.

The most valuable features are authentication, authorization, and identity access.

Conditional access is a very important feature where a specific user can be restricted such that they cannot connect to the application if they travel outside of the US.

Multifactor authentication is very important.

They have a velocity check, powered by artificial intelligence and machine learning, where if you have been logging in at a location in the US but suddenly you try to log in from a different country, it flags it as an unusual amount of travel in a short time and it will ask you to prove your identity. This is a security feature that assumes it is a phishing attack and is one of the important protections in the product.

The problem with this product is that we have limited control, and can't even see where it is running.  If Microsoft can give us a way to see where this product is running, from a backend perspective, then it would be great.

I would like to see Microsoft continue to add new features gradually, over time, so that we can introduce them to our customers.

We have been using Azure Active Directory for more than six years.

The stability of this product is 100%, and we plan to continue using it.

As this is a cloud-based product, you don't need to worry about scalability. Regardless of the number of users, it handles identity management.

90% of our customers are using it. From what I see, we have up to 50,000 end-users. In reality, we can have up to 400,000.

We can handle most of the issues by ourselves but if not, Microsoft support is available and we just have to create a ticket.

This is the first cloud-based identity management solution that we have used. In an on-premises deployment, we use the traditional Active Directory.

The deployment process involves using the Azure AD Connect tool, which is very important. The only choice that needs to be made beyond this is whether you want to have single sign-on (SSO) enabled or not.

The deployment will require some basic planning. The length of time required will be a maximum of four weeks. Three staff should be sufficient, although this depends on the number of users.

The maintenance of this solution is almost zero. The only time that something needs to be done is in the on-premises portion of a hybrid solution. The cloud aspect is maintained by Microsoft.

As this is a cloud-based solution, less maintenance is required, so the return on investment is better.

The P1 version costs $6 per user per month. If you need the P2 version then it is an extra $3 per month.

There are two different Premium versions of this product available, being P1 and P2. For 99% of our customers, P1 is enough. The P2 version has some advanced features required by a small number of customers.

Overall, my experience with Active Directory has been very good. When we work in the cloud, this product provides us with almost everything.

I would rate this solution a nine out of ten.

Our use case depends on the client, their project, and what they want to deploy. 

1. The solution can be deployed for security purposes. Multi-factor authentication is being deployed as a second layer of authentication, especially during this COVID-19 time, because everything has to stay secure. 
2. Almost every organization uses the software as a service (SaaS) part. Because of the pandemic right now, a lot of companies are moving many things to the cloud, like virtual machines (VMs) and virtual networks. It doesn't invalidate the fact that some companies don't want to have control on-premises. 

Everything depends on the solution or what the client wants.

We use it for PaaS and IaaS.

In terms of identity management, it helps to improve security posture. It generally helps in terms cloud security, simplicity, and single sign-on for multiple apps.

In terms of improvement, there should be more flexibility and conditional access. There is a lot of flexibility already, but there are some technologies that should be embedded and integrated into it for a more flexible, customized experience. Also, there should be more tools for analysis for clients, e.g., there should be more flexibility aimed at end users. Regular IT guys for each company should be able to use the tools to troubleshoot a certain level of analysis in their environment.

The security part should be improved overall. 

The visibility in the GUI is not good for management. There are a lot of improvements that could make it better. It should be more user-friendly overall. It is not user-friendly because everything keeps changing on the platform. I can understand it because I know the platform,  am familiar with it, and use it every day. However, for a lot of clients, they don't use it every day or are not familiar with it, so it should be more user friendly.

I have been using it for four to five years.

Availability for Azure AD as a whole is 99.95 percent. It is simpler and more available than the way technology used to be previously.

It is very scalable. When you talk about licensing, you have the option to scale up or scale down. For example, you purchase 50 seats of licenses and assign 45 licenses, then for some reason, you fire 10 employees. Once you fire them, you will probably block their identity access and single sign-in. After that, you can decide to reduce the number of licenses. On the other hand, if you acquire 10 licenses and employ five new people, then you can scale up by adding more five licenses that month. So, it helps you to scale up or scale down easily.

In another example, if you have acquired five virtual machine instances, then are using more in terms of the processor, you can scale up. It depends on the configuration you have. If you have done the setup and everything from the beginning, then you can say, "If the processor level reaches 80 percent, you want to add another two virtual machine instances." On the other hand, if you deployed five virtual machine instances, but your usage of those processors is lower than 30 percent, then you should scale down. So, if you have five licenses and you want to scale down by one, then you can scale it down so you can reduce your costs.

I would rate the technical support as a nine out of 10.

When I set it up two years ago, it was easy, not complex. It didn't take much time at all to set up.

A lot of people sign in or set it up with a Google account, Yahoo account, or Microsoft account, which is not the global administrator. A lot of people think that this is the global administrator. They don't understand that the account might have an extension and don't see this until that account gets locked out. That is when they have problems signing in. The setup is not that complex. It is just that the user experience overall needs improvement here.

The deployment process depends on what you are trying to achieve and the technology that you are trying to deploy, e.g., are you trying to deploy SSO, set up device writeback, or do a regular AD Connect setup? Everything depends on the objective or the overall goals of what you want to achieve.

Even after it has been deployed, one or two users may have problems with their account in terms of multi-factor authentication or the way it has been set up. I work with them to troubleshoot these issues.

Sometimes, the priority is to set up AD Connect, which integrates your on-premises to Active Directory. You must make sure your server is up and running. Apart from that, you need to set up your tenant, which is your profile admin center. 

If they want to download and install their tools, then we can connect to their on-premises for synchronization. So, it helps collect on-premises data and put it into the cloud. 

You can also install PowerShell. 

Everything needs to be considered for the requirements and if it is within the budget, then you can come up with a solution, whether it is SaaS, PaaS, or IaaS. 

Since people might not be very familiar with the platform, I have developed a system for how to use, deploy, or utilize the technology.

At the end of the day, it is about the overall goal because everything comes with a cost. Azure AD comes in different ways and shapes, e.g., SaaS is different from IaaS or PaaS, though it is still the same platform. 

Whether you are a small business or large business, you can always enjoy a very secure cloud platform. 

I would rate Azure AD as a nine out of 10.

When we are deploying cloud applications we avail ourselves of the services of Azure AD. At the moment, we are mostly getting the data from on-premises to the cloud, as far as user entities go. We're trying to define policies based upon the company's and our projects' requirements, such as whether we need to make something public or private. This all has to be defined. We also use it for access management.

We have protected the entire tenant itself, as a federation. AAD has also become a great source of research.

Previously there were many tenants and many subscriptions within each tenant. We have been able to separate Office 365 as a separate tenant and not welcome any other applications into that. We are only using SaaS with that tenant. Later, we had different tenants, and we welcomed all types of PaaS and IaaS.

Recently, managed identities came into the market, and we are trying to adhere to automations and customization, the automation of groups, which is a major advantage. That way, people don't have to wait for a long time for manual intervention. If they raise a ticket, within a few minutes the answer can be in their mailbox with all the details.

The features I normally use are for authentication and authorization.

Single sign-on provides flexibility and helps because users don't want to remember so many passwords when logging in. It's a major feature. Once you log in, you have access to all the applications. It also enables us to provide backend access controls to our users, especially when it comes to groups, as we are trying to normalize things.

For the end-users, they can seamlessly log in to their web products, like their Outlook account. They have YAML services and SharePoint services. Everything is single sign-on and that makes them happy.

An area where there is room for improvement is the ease of use of the dashboards.

Also, if a user is working in India, and we suddenly see a login from the US, Australia, or New Zealand, we should be alerted, because we wouldn't expect that application would be used by that user in those locations at that time.

An area for improvement is that there is so much dependence on on-premises databases, in the on-premises directory services.

In terms of features we would like to see, we don't have domain controllers in Azure AD. We are also looking at how we can best migrate users from on-premises to Azure AD, and how we can welcome B2B users. We would like to see improvement in the B2B functionality. We hope that is already in the roadmap. We'd also like to see some functionality for how we can set boundaries for tenants. We have multiple tenants that we're trying to consolidate. It's definitely going to be a big challenge to consolidate two tenants, so we're looking for help in that area.

I have been using Azure AD for the last three years.

In terms of the solution's availability, I haven't seen anything negative. It's always available. There have been no issues.

I haven't seen any room for improving the scalability or performance. The capacity is good. We are managing about 5,000 users in Azure AD. We have an Ops team and there are about 10 people who maintain and manage users and groups for the production tenant. But in five months, with SaaS and PaaS services, that might go higher.

We have had many discussions with tech support for Azure AD. We are trying to install read-only domain controllers or ODCs into the cloud platform. We have had many challenges with that in terms of the network side and the business requirements. Another issue we have spoken with them about is how to do automation of service principles and of groups.

Support has been great, but there is a little room for improvement. We have had to go through many iterations and we have had to wait for a long time until the next version of the solution comes out. Overall, we get good support, but their timelines could be better.

We were using Microsoft AD, on-premises. We are now syncing all the users who are in the on-premises version to Azure AD. We are not directly creating users in Azure AD because of the dependencies. Many legacy applications are talking to the on-premises directory services. When a user is created, we are sending that user from the on-premises to the cloud through Azure AD Connect.

We are using the Premium P2 licensing. 

To explore the solution, I had to create a personal version, because I can't play with the access that we get from the company. We explore those services in the personal version first, to see how it reacts.

From the company side, we haven't had issues because the licensing works well. But on a personal level, if I could enable more trial services, at least for a year, it would be much easier to explore and suggest the best solutions.

It's an easy tool to explore if you have already worked with the on-premises data services. There is good documentation available on the Microsoft website. If Microsoft provided more time for new users to explore new features, that would help. Everyone could learn more and contribute more to their companies or to the projects that they're working on. But it is easy to learn.

Just be careful, because you are in the cloud. You have to be aware of access, AM, how the user is coming into their account, where the user is going and what the user actions are, and what access they have. Always try to enable single sign-on, so that if any fraudulent user comes into the picture, you can remove them as soon as possible. So enable those features for admin accounts and use privileged IT management, vaulting the password. You have to strictly follow the security standards, because it's open to the public when it is on the cloud. You have to be very careful about the project requirements, the end-user requirements, and what the business stakeholders need.

When we started with Azure AD, we didn't restrict much. Later, we restricted a few possibilities, such as users logging in with their social accounts, or email accounts like Yahoo accounts or Outlook. Initially it was open to all. Any user could invite a guest user and provide access, but later we restricted things with conditional management, and restricted users so that they could not connect to their Gmail accounts. We are coming up with more policies as well.

We have ongoing discussions with Microsoft Azure AD regarding how we can best protect our entities and what the behaviors should be. We have some more specific requirements in the company, related to project behavior. With IaaS, you have to welcome everyone. You have to put virtual machines in the cloud. You can use the password services and develop custom APIs and deploy them. 

We are trying to define our security policies as much as we can, as we are seeing many changes in the market and are trying to restrict as much as we can. Only users who are least privileged can have an all-access. The most privileged will have additional authentication. We're trying to differentiate.

We have to be very careful about the administrative part, so that operations can easily manage without any hassle. Because we don't have natural restrictions, we are trying to implement our own rules.

As we are moving to the cloud, we have to be very careful when it comes to Azure Active Directory. If there is a mistake and a random user can log in to the directory, they could have access to everything. A user should not have access to whatever he wants, so setting up the right level of authentication and authorization is important. Use IAM very effectively. Identity and access management is a powerful space where one has to be very careful in choosing and configuring policies and standard procedures. We're trying to define that and be careful when with all platforms, whether IaaS, SaaS, or PaaS. At the moment it's going well.

We are merging many things in the tenant. Before, we only had SaaS. We are trying to welcome PaaS and IaaS to use the same production tenant. We have to exercise caution for everyone, all the individual policies, groups, and service principles. We have to enable all the features that you are capable of, such as user sign-in permissions, and application sign-ins. That has to be continuously monitored.

We have a good rapport with Microsoft. We have good support. We'll be exploring all the new services, like the managed entities and their other services that have come up. We are trying our best to explore and use the latest features that are available.

I use Microsoft Entra ID daily as an end customer in an enterprise environment. We are using it for very simple use cases such as authenticating with SSO to third-party solutions.

In a lot of situations, it is easy and free or almost free to use Microsoft Entra MFA.

It could be better if a simple member could understand more easily the prices of the products and packages offered by Microsoft. Additionally, after the first three years of a bigger package, renewal prices could be more transparent as they tend to increase significantly.

I have been working with Microsoft Entra ID for approximately five years.

I haven't had any bad experiences with its stability in the last five years. It works consistently, and any downtime can be monitored through Microsoft State Data Monitor.

Our customers are small businesses, so scalability is not a significant concern for us.

I have a direct contact with the Microsoft Hungarian team. They manage our problems, especially on the enterprise side, and I have heard no negative feedback regarding their response times or SLAs.

Positive

The setup experience was not difficult and I would rate it as eight out of ten. It just required some time to set everything up correctly.

We consulted with the Microsoft Hungarian team for any enterprise-level issues.

Initially, customers can get good prices for a three-year package, but renewal prices tend to increase significantly. If a customer looks for an alternative solution after three years, we often find it cheaper or the same as continuing with Microsoft.

I've worked with the Microsoft Tensor Solution and CI Mentech. We also considered other authentication systems like Ping, Kaseya, and Symantec VIP. In terms of SASE, I've had experience with Netskope, Cloudflare, and Palo Alto.

If you consider SASE aspects, Microsoft Entra is not a leader solution. There are stronger competitors in SASE, like Netskope and Palo Alto, and it may not be the best idea to rely solely on Microsoft solutions if your operation runs on Microsoft.

I'd rate the solution five out of ten.

Azure AD helps us manage application and hybrid identities.

I like Azure AD's conditional access policies. Microsoft Entra provides a single pane of glass for managing user access, improving the overall user experience. 

The workflow management for registering new applications and users could be improved.

I have used Azure AD for about eight years.

Azure AD is stable.

Azure AD is scalable. 

Azure AD is so stable and easy to administer that we don't need to contact support. 

Setting up Azure AD is straightforward. 

I rate Azure Active Directory a nine out of ten. You should use premium licenses or Azure directly whenever possible to take advantage of the new security features since E3. 

It gives us security when integrating all the Active Directories of all our branches together, giving us a centralized database and authentication.

It has helped save time for our IT administrators. It's seamless for the users because they simply log into the stations, but it's affecting the response time and efficiency of the IT team.

Active Directory itself is the best feature it has. It also gives us a single pane of glass for managing user access.

I have been working with Azure Active Directory for almost a year.

So far, it has been a stable solution.

It is scalable.

We did not have a previous solution.

I am working right now on whether we have seen ROI from the solution.

We are always looking for better pricing. Our agreement is on a monthly basis.

We're planning to use conditional access to access controls, but we have not done so in the meantime.

The solution doesn't require much maintenance; we're talking about two or three people.

I set up Azure Active Directory for many customers of the company I work for. I'm an implementer. It is the basis of identity and access for all the tenants we are using for our customers.

Microsoft Entra helps our clients save a lot of time, especially with the many automation processes that we can leverage to facilitate our work. The amount of time saved depends on the customer's needs. In general, on average I would estimate it saves them 40 percent in terms of time. But in some cases, it could be up to 70 percent.

It also helps them save money because they can work with fewer employees, or they don't have to hire more employees to do tasks that can be automated.

Another benefit is that it provides satisfaction at the administration level. On the user level, the ease of use makes it easy to understand without any limitations.

And it provides quite a good level of security for all users.

All the features of the solution are helpful. Among them, one of the most important is the Conditional Access. It helps affect a Zero Trust strategy positively.

Also, I use Entra Permission Management to distribute the roles among all users according to management requests. Microsoft provides reports for visibility and all kinds of controls where you can see the users and their access. Permission Management helps reduce the risk surface when it comes to identity permissions. It supports adaptive controls and that helps me in defining the right controls for users.

I would like them to improve the dashboard by presenting the raw data in a more visual way for the logs and events. That would help us understand the reports better.

I have been using Azure Active Directory for about three years.

It's stable. I haven't experienced any downtime or breakdowns with the product.

It's scalable.

I'm satisfied with their support. 

Neutral

It's easy to set up. 

The amount of time needed to set up Azure Active Directory depends on each customer's use case. It will take at least three to four hours for a small organization, and in that scenario you wouldn't need more than one person to set it up. For larger organizations, it may take a week and we would need two to three persons.

Our customers are looking for advanced features and processes for it to be cost-effective for their organizations. They see it as an overpriced product. They are enjoying using Azure Active Directory, but they are looking for better prices.

Just follow the book.