Microsoft Entra ID Reviews

I started using Azure in my organization for user management, identity management, and app security.

I am using purely Azure Active Directory, but I've used Azure Active Directory in a hybrid scenario. I sync my user from on-premises Active Directory to cloud. While I have used the solution in both scenarios, I use it mostly for purely ATS cloud situations.

We don't really have breaches anymore. Now, in most cases, we set up a sign-in policy for risky things, like a user signing in via VPN or they can't sign in based on their location. This security aspect is cool.

If a user wants to sign onto the company's account, but turn on their VPN at the same time, they might not be able to sign in because of the Conditional Access policy set up in place for them. This means their location is different from the trusted site and trusted location. Therefore, they would not be able to sign in. While they might not like it, this is for the security of the organization and its products.

The cloud security part is very valuable. Security is the most important thing in today's world. With Azure Active Directory, there are some features that tell you how you need to improve your security level. It informs you if you set up certain policies, e.g., this is where my users sign in. It tends to let you know if your organization has been breached with this security set up. Therefore, it is easier to know when you have been breached, especially if you set up a Conditional Access policy for your organization.

The authentication, the SSO and MFA, are cool. 

It has easy integration with on-premises applications using the cloud. This was useful in my previous hybrid environment. 

The user management and application management are okay.

There are some features, where if you want to access them, then you need to make use of PowerShell. If someone is not really versed in PowerShell scripting, then they would definitely have issues using some of those features in Azure Active Directory. 

I have been using Azure AD for three years.

Overall, stability is okay. Although, sometimes with the cloud, we have had downtime. In some instances, Microsoft is trying, when it comes to Azure AD, to mitigate any issues as soon as possible. I give them that. They don't have downtime for a long time.

You can extend it as much as you need. For example, you can create as many users as you want on the cloud if you sync your users from on-premises. Therefore, it is highly scalable.

I used to manage about 1,500 users in the cloud. Also, at times, I have worked with organizations who have up to 25,000 users. When it comes to scalability, it is actually okay. Based on your business requirements, small businesses can use Azure Active Directory with no extra cost as well as an organization with more than 10,000 users.

The support is okay, but it is actually different based on your specific issue because they have different teams. For example, when you have issues with cloud identity management, I think those are being handled by Microsoft 365 support, and if you have an issue with your Azure services, the Azure team handles it. 

I can say the support from Microsoft 365 support is awesome because it is free support. Although the experience is not all that awesome every time, and there is no perfect system, when compared to other supports, I would rate them as 10 (out of 10).

Positive

The initial setup was straightforward. When I set up Azure Active Directory, I just had to create an Office 365 tenant.

Creating an Office 365 tenant automatically creates an Azure Active Directory organization for you. For example, if I create my user in Microsoft 365 automatically, I see them in Azure Active Directory. I just need to go to Azure Active Directory, set up my policies, and whatever I want to do based on the documentation.

A part of the documentation is actually complex. You need to read it multiple times and reference a lot of links before you can grasp how it works and what you need to do.

The very first time, it took me awhile to set up. However, when setting it up the second time, having to create Azure AD without setting up users was less than three minutes.

I work with a client who has a small organization of 50 users worldwide. With Active Directory, they are spending a lot for 50 users for management, the cost of maintenance, etc. The ROI number is too small for the costs that they are spending on the maintenance of an on-premises setup. So, I migrated them to Azure Active Directory, where it is cost-effective compared to an on-premises setup.

For you to make use of some of the security features, you need to upgrade your licenses. If it is possible, could they just make some features free? For instance, for the Condition Access policy, you need to set that up and be on Azure AD P2 licensing. So if they could make it free or reduce the licensing for small businesses, that would be cool, as I believe security is for everyone.

The product is very good. Sometimes, I try to use Google Workspace, but I still prefer Azure to that solution. I prefer the Azure user interface versus the Google Workspace interface.

Draw out a plan. Know what you want and your requirements. Microsoft has most things in place. If you have an existing setup or MFA agreement with Okta and other services, you can still make use of them at the same time while you are using Azure Active Directory. Just know your requirements, then look for any possible way to integrate what you have with your requirements.

Overall, this solution is okay.

I would rate this solution as an eight out of 10.

The primary use case for Microsoft Entra ID is authentication, allowing internal employees and guest users to log into our system.

Microsoft Entra ID has simplified central management, including administration and an overview of all logins and user profiles. It simplifies logins, not only for internal users but also for guests. We don't need to manage a lot of party sign-on. It has dramatically decreased phishing and other hacking attempts. 

It has improved our approach to defending against nation-state attacks and token theft by allowing us to enable MFA and other out-of-the-box capabilities easily. We've also reduced complaints and changed user behavior. It takes them some time to get used to it, but we educate them on how to use the built-in security features.   

The most valuable feature for us is the B2C functionality of Microsoft Entra ID, which is essential due to our need for external and internal users to log into our system.

Currently, Microsoft Entra ID meets our needs. I could not think of any areas for improvement or additional features for the next release.

I have used Entra ID for three to four years.

The stability of Microsoft Entra ID is satisfactory.

Microsoft Entra ID is scalable.

I rate Microsoft support eight out of 10. Internally, we have a feedback system for our customer service. While it may not be perfect, there are noticeably fewer customer complaints.

Positive

We did not use a different solution before Microsoft Entra ID. Since we are deeply embedded in the Microsoft ecosystem, it was the natural choice.

The initial setup was not difficult. 

We did not use an integrator, reseller, or consultant for deployment.

I am confident that we have seen a return on investment, but I have not calculated it. Microsoft Entra ID reduces risks and the need to do things manually.

Microsoft's pricing and licensing are difficult to understand. We engage with Microsoft partners regularly, but Microsoft's frequent rebranding complicates the process for us in the industry.

Microsoft Entra ID was a straightforward choice due to our integration within the Microsoft ecosystem.

I would rate Microsoft Entra ID eight out of 10. We are generally satisfied, although understanding the solution fully can be challenging. Once we have the knowledge, implementation becomes easy, but initially, it can be time-consuming.

We use Azure AD to manage all endpoints, including laptops, desktops, mobile devices, such as iPads and iPhones, and users. We can disable accounts, create accounts, reset passwords, maintain access, and manage permissions.

Azure AD is essential to our organization. Our users need to use their Azure AD credentials to log into their computers every morning, and we also manage user accounts in Azure AD. As a result, we cannot function without Azure AD.

We use Entra's conditional access to restrict access to our system from overseas users. This means that users can only log in from Canada and the United States.

Our zero-trust strategy uses conditional access to verify users and prevent unexpected traffic, such as attacks from Russia. This makes our strategy more robust and secure.

We use Entra's conditional access in conjunction with Microsoft Endpoint Manager to limit user logins from Canada and the USA. We also limit devices that can log into the network to only those located in Canada.

Entra has helped our IT administrators save an hour of time per day.

Entra has helped our organization save money.

We used to use on-premises Active Directory. Now, we use Azure Active Directory. The main difference is that users can now reset their own passwords in Azure AD. This is a positive improvement, as it saves time and hassle for both users and IT staff. I believe that this has had a positive impact on our employee experience.

User and device management is the most valuable feature.

I would like Azure AD to provide features similar to check-in on-prem AD. The fetch-all service is the only one that is not currently available on Azure AD.

The technical support has room for improvement.

I have been using Azure AD for five years.

I give Azure AD's stability an eight out of ten.

I give Azure AD's scalability an eight out of ten.

The basic support from Microsoft is not good.

Negative

We previously used the on-premises Microsoft Active Directory. However, we have since switched to Azure Active Directory, which is a cloud-based solution. Azure AD is more flexible and scalable than on-premises AD, and it allows us to save money on hardware costs. This is because we no longer need to purchase and maintain our own servers. Instead, we can simply use the servers that are provided by Microsoft.

The initial deployment was straightforward and took two months to complete. We switched over to the new system and then set up a number of additional features, such as enterprise applications and multi-factor authentication. This took an additional month, for a total of three months. We followed the instructions from Microsoft step-by-step. The deployment required two full-time employees from our organization and three from our partner.

The implementation was completed with the help of an MSP.

We have seen a significant return on investment since switching to Azure AD. Our monthly costs have decreased from $5,000 to $100.

The price is affordable, and we pay around $100 per month.

Both Okta and Azure AD are great solutions. I know that many people use Okta, but my concern is that we are also using Microsoft products on the endpoint. This means that our users use Windows, and it makes more sense to use a front-end and back-end Microsoft solution.

I give Azure AD a nine out of ten.

Azure AD requires very minimal maintenance.

I recommend Azure AD. The solution is straightforward.

We are a university using Azure AD to authenticate staff, faculty, and students. Our organization completely depends on Azure Active Directory for authentication and identity-related features. All cloud activities and third-party services are validated with Azure Active Directory.

We also have an on-premises Active Directory, and the data is synced periodically to the cloud. Most of the services done on-premises are reflected in the cloud at once. We can also do the same handling features from the cloud to write back to the on-premises AD. This is the architecture.

We are implementing more and more services in the cloud on Azure and AWS, so we need to monitor our data security thoroughly. It's always a concern. Azure Active Directory enables us to easily validate the identity of anyone who connects to a particular server. We need to validate our data properly. For example, we must ensure our research data is going to the right person and place. Microsoft Azure Active Directory provides the easiest way to do that.

The Conditional Access feature lets us restrict access to a group of people on specific servers. We create a group in the Azure Active Directory and put only the necessary members there. For example, we can easily set up conditional access to SSH, Telnet, SSH, HTTPS, or any service with Azure Active Directory. 

We plan to implement Zero Trust in many of our other devices. It is an essential feature because users from multiple countries are accessing our research servers. We can provide a highly secure environment with minimum services without compromising productivity with a Zero Trust strategy.

We have wireless units deployed across the campus and use Microsoft AD services to authenticate all wireless activities. Many of the use cases are covered by wireless. After authentication, some users need to be redirected to the cloud. Their identities can be easily validated and captured with Microsoft AD. It gives us excellent control over our on-premise infrastructure.

Verified ID has helped us with our remote workforce. We provide VPNs to our remote employees so they can connect to our cloud services, authenticate with Azure, and be granted the necessary access. We provide policies for each user basis. Users in each category connect to the VPN, authenticate with their Azure credentials, and securely access all the cloud services.

We give provisioned laptops to our remote employees. With the help of this VPN, they spend less time coming to work in person because they have full-time access from home. So that way, we could reduce most of our official requirements concerning our employees. 

Privacy is a crucial security concern for our organization. With Verified ID, we can ideally authenticate Microsoft services without worrying about compromised identities. We used to have these issues with on-premise Active Directory, but this is less of a problem since we migrated to Azure Active Directory.

Our HR department can easily get a complete report on our users. HR can see specific fields, like designation, school, businesses, etc., if they need it from the Azure AD. They can also get the usage logs. They don't need to store all this manually for each person. They can easily get all the reporting parameters from this.

Azure AD saves us a lot of time. On any given day, it will save around four hours. It also saves us money because we don't need to pay for the resources required to have Active Directory on-premises. If we relied on on-premises Active Directory, it would require data center resources, like air-conditioning, power,  hardware, etc. We save considerable money by deploying it on the cloud. Percentage-wise, I think we could save around 40 percent. 

Azure Active Directory has improved our overall user experience. I would rate it a nine out of ten. Our users are delighted.

Azure Active Directory's single sign-on feature has been helpful because users don't need to authenticate again and again each time they access it. Users only need to sign in the first time, and Azure handles everything. We haven't experienced any errors or security-related issues in the past four years. Many people use our protection servers from outside, requiring multi-factor authentication. Each authentication is logged precisely.

In addition to the SSO, Azure AD is entirely flexible. We have other Microsoft services running on-premises, so Microsoft Azure AD allows us to sync other Microsoft services completely. This is perfect for us.

Microsoft Entra offers a single pane of glass for managing users and cloud services on multiple platforms. It all requires authentication and validation of user data, so Azure AD helps us to authenticate each user's identity without any security compromises. 

Microsoft has an excellent administration portal that enables us to sync our on-premise Active Directory automatically with the cloud. Any on-premise policy changes are reflected on the cloud. There are various options for each user on the admin portal. You can change user passwords and other attributes or configure a policy for forgotten passwords. A writeback feature can also reflect changes from the cloud to the on-premise environment. If you change the password from the cloud admin center, it gets reflected here.

Microsoft Azure AD Connect has a multi-factor authentication. Multi-factor authentication is a crucial feature, but we only require MFA for specific servers in the cloud. With Microsoft Azure AD Connect, we can specify the users and servers that require multi-factor authentication.

Azure Active Directory integrates well with other third-party applications. Third-party hosted solutions have the option. We can even create applications with Microsoft Azure AD. When users log in to Microsoft Azure AD, their credentials are stored in the application, and we don't need to get them on-premise Active Directory. So, it is an essential feature for us.

Microsoft services and most familiar third-party applications are currently supported, but we can't find many other platforms that integrate with Office 365 or Azure Active Directory. Microsoft should develop connectors for different applications and collaborate more with other vendors to cover a broader range of applications.

We have been using Azure Active Directory for four years. 

Microsoft services have a reputation for complete reliability, so we expect the same from Microsoft Azure AD. It doesn't disappoint because most of the on-premise features extend to the cloud. Plus, Microsoft Azure AD has additional features, configuration, and single sign-on capabilities. It's a complete package for this authentication and validation purpose. Most of our users are pretty happy with this product.

Azure AD is completely scalable. We can add unlimited users.

I rate Microsoft's support a ten out of ten. Microsoft technical support is excellent

Positive

Previously, we have used on-premise Active Directory.

Setting up Azure Active Directory was a bit complex. The migration process is somewhat challenging because we don't want to lose any on-premise data. Each user has many parameters and access policies already set. Without even changing the password, we were able to sync all this data to Microsoft Azure AD. It was a complex procedure because Azure AD Connect has to be deployed correctly. We required help from Microsoft's technical support to do this.

Our initial deployment required three system admins and took around one week, but it took around six months to import all our users and get everything working properly. After deployment, Azure AD doesn't require any maintenance because everything happens in the cloud. We don't need to bother with anything.

The return on investment is pretty massive. We save time and money. It helps us even if we opt for a subscription. We save a considerable amount of time with the cloud version because it has various features unavailable in the on-premises Active Directory that save time for the system administrators. We can concentrate resources on hiring other staff instead of system administrators. All the features are within the cloud itself, so it reduces the maintenance costs of an on-premise server. 

Active Directory is bundled with a package of Microsoft services, so it doesn't cost much. I don't know about the individual license of Active Directory. 

I rate Azure Active Directory a ten out of ten. I would prefer Azure AD to have multiple application scenarios requiring a single sign-on facility and complete authentication, validation, and security tracking. 

If they require it in their application, even if it is an on-premise or a host application, I would prefer Microsoft Azure AD because it handles all this simultaneously. No other application covers a complete range of activities in an all-in-one solution. 

We use Microsoft Entra ID to ensure our users have the correct permissions and access. It manages privileged identity and ensures that we have proper MFA for the security of our employees.

Entra ID has made us more agile, enabling us to move faster in our tasks while providing tools for our employees to become more agile and efficient. The solution has improved our security considerably. Entra ID has helped us strengthen security across the board regarding access to apps and resources. It lets us create layers of security that help us prevent significant security issues in the future, such as nation-state attacks and token theft.

The solution helps us envision a future with zero trust, which is one of our goals but challenging to achieve. Entra ID has given us a pathway to achieve it.

Multi-factor authentication is one of the most important features of my work. Verified ID is another feature that is becoming significant. Furthermore, Microsoft Entra ID provides governance over IDs while ensuring people have the correct permissions. We also gain more visibility into security issues, leveraging automation to address them. It's made us more agile and efficient.

There are many new features being added all the time, and Microsoft is advancing at a pace that aligns with our needs. I can't think of anything immediate that needs improvement.

We have been using Entra ID since Microsoft Office 365 was released. I'm unsure of the exact year, but it's been quite a few years—perhaps 10.

The stability of Microsoft Entra ID is fantastic. We rarely encounter any significant issues.

The scalability is great. We are a larger partner, so we're a high-end example, and it's scaled very well for us.

Customer service and technical support have been outstanding. For an organization the size of ours, we have a dedicated team we frequently connect with and escalation paths for larger issues.

Positive

We previously used various solutions, but integrating everything under Microsoft has allowed us to streamline and manage everything in one place.

The setup process is quite streamlined, particularly around cost procedures. However, I don't have any additional details.

We worked with several partners, although I can't recall any names.

I don't have specific metrics but implementing the solution has definitely helped us.

Our experience with pricing, setup cost, and licensing is streamlined and simplified, particularly in cost procedures. I don't have more details beyond that.

I don't recall any specific alternate solutions evaluated before switching.

I'd rate Microsoft Entra ID a 10 out of 10 due to the extensive range and focus on security features.

The primary use case is for single sign-on, service provisioning, and security features, including multi-factor authentication.

We have been integrating network services and authentication services such as PIN Identity and Entra ID, which helps in providing a consolidated security solution.

The main valuable feature is the integration into a single console, which includes authentication service and endpoint security. This consolidation of security features in one place is extremely beneficial.

The cost is one area that needs improvement. Also, there is a need for better transformation support from on-premises Active Directory policies to the cloud, as Entra ID doesn't cover this sufficiently yet. The flexibility of the security policies could also be improved.

I have been working with EntraID, previously known as Azure ID, for about three or four years.

The stability of the solution is good with a rating of eight out of ten.

Entra ID is pretty scalable with a rating of eight out of ten.

Sometimes there is a late reply, but overall, it's good. I would rate Microsoft technical support as a seven out of ten.

Neutral

Customers often consider alternatives like Okta or PingID if Entra ID does not suit their requirements.

The initial setup of Entra ID is simple.

We work as integrators, focusing on integrating network services and authentication services like Entra ID.

I'd rate the solution eight out of ten.

We provide a pipeline for Azure Active Directory. We are working with premium clients, giving them services, like SaaS application services through Azure Active Directory. Also, we help external clients who are planning to migrate from on-prem to Azure Active Directory. We help them with the setup, etc.

We are providing Office 365 access from Azure Active Directory. We are enabling multi-factor authentication and assigning the licenses for end users.

We can provide access for many SaaS analytics tools, like ERP and CRM. We can provide access from everywhere to Azure AD. So, it will work as an authentication service, then we can provide access to particular SaaS applications. Therefore, we manage all accesses and privileges within Azure AD for different applications.

The Privileged Identity Management is a good feature. The identity products of Azure Active Directory are good features. 

There are role-based access controls. Both built-in and custom roles are very useful and good for giving permissions to a particular set of users. 

Privileged identity access lets you manage, control, and monitor permissions of a particular set of users or group. This is a good way to control the access. With the rollback access control, that will secure your environment, e.g., if you want to secure it from an authentication point of view. So, if you are an authentication provider service, your request will go for authentication, then it will go back for service authentication. So, this is a good feature in Azure Active Directory.

Azure AD has features that have helped improve our security posture and our client's security posture. We don't have to manage many things because there are some built-in features inside it. We can set it up once and it will work as an auto process, which is good from our side. On the clients' side, it will then not be challenging when managing stuff, as it will be very easy to manage the client end.

Azure AD needs to be more in sync. The synchronization can be time-consuming. 

The availability is good. I have never experienced any downtime.

The scalability is great. If we will go with the custom installation version of Azure AD Connect, i.e., for many users, then we can go with the custom settings. 

I have one client with one tenant. We verified their domain and created many users. It was already on-prem, so we synced all the users from on-prem to Azure AD. We gave those users Office 365 permission from the Office 365 admin center. From there, we enabled the MFA and assigned the licenses. 

We have migrated 10,000 to 12,000 objects from on-prem to Azure AD previously.

Whenever I have logged a case with Microsoft, their technical support replies within 24 hours with an email and a call, which is good.

Previously, our clients only had on-premises Active Directory. They migrated to Azure AD because they didn't want to keep their on-prem environment. There are a lot of challenges with maintaining those servers and other costs. 

It is also a good service. From one console, we can manage many things. It is better if we can work with it from a single console, managing it all with fewer resources. With on-prem, there are many domain controllers that we need for various stages, and we have to manage all the domain controllers. Apart from that, we have to back up and monitor the server as well as do everything for the setup. 

It is a very easy process to set up. First, we need to collect all the information, e.g., the custom domain information, user information, and which kinds of applications the users want to access. All this information is needed. Based on that, we can just set up and go to the Azure Portal. We can go to the Azure Active Directory console from there, where we can verify the domain and do the management. It is a very easy process, which is not time-consuming. Though, if you want to design your own application (customize it) and provide access for a particular user or group, then it can be a bit of a time-consuming process.

I don't think more than one or two people are needed for the deployment. If we have all the information, then we can work alone. Not many resources are needed for this.

Azure AD has a good return on investment. We do not need as many servers, electricity, etc. We can save from a cost point of view. Apart from that, if we have a limited set of users, we do not need to go with the extended version of Azure Active Directory, where it costs a lot to enable these services. Azure Active Directory is a good option compared to on-premises. 

This solution is less time-consuming. We don't have to hire as many resources to give permissions to a particular user or group for any application.

We are working with the Premium P2 licenses, which are reasonable. If you invest in the on-premises environment setup, then it costs so much. However, on-prem AD gives you the ability to manage your organization in a very organized manner, where you can create a group policy.

Azure AD provides identity access. If you have to go with the identity part only, then Azure AD would be the better option. If you will go with the various authentication authorization and security services, like group policy setup, then on-prem Active Directory would be better.

It is good service and easy to use.

I would rate the solution as a nine out of 10. They should be improving the solution all the time.

I use Microsoft Entra ID in my company for provisioning and deprovisioning identities and access.

In the organization where I work, Microsoft Entra ID helps automate the process of creating accounts and purging multiple accounts when they are no longer needed.

The most valuable components of the solution are provisioning and deprovisioning since both features work.

My organization is less familiar with some of the new tools in the market, so I don't know whether I can speak about what needs improvement in Microsoft Entra ID presently.

I have to absorb whatever I have learned about Microsoft Entra ID. I don't know if I can say what additional features need to be introduced in the product, but I can say that the product looks promising based on what I have learned about Microsoft Entra ID.

Attempts to simplify hooks to perform access management are not always easy, but in my organization, we might be able to make some progress in the future.

Microsoft's technical support has shortcomings where improvements are required.

I have been using Microsoft Entra ID since 2005. My organization plans to enter into a partnership with Microsoft, but presently, we are just a customer.

Microsoft Entra Verified ID is a very stable solution.

I have not had any issues with Microsoft Entra Verified ID's scalability feature.

There are 1,50,000 end users of the solution in my organization.

I rate the technical support a seven out of ten.

Neutral

My company has been using Microsoft Entra ID since the release of its earliest version, which was in the mid-2000s.

I was involved in the original deployment or initial setup of Microsoft Entra ID in my organization, and we found it to be a complex process. In the past, my organization was involved in the migration process from a custom Oracle-based solution to Microsoft Entra ID. Microsoft Entra ID was a product that was a new acquisition for Microsoft at the time, in which some custom development work by our company's team was required.

The product is used for our enterprise, an academic medical center with many different hospitals, owing to which the tool is deployed centrally.

The solution is deployed on hybrid cloud services offered by Microsoft Azure Cloud.

The product's deployment phase was carried out with the help of my organization's in-house personnel.

My company has not used many of the new features available with the product's new prices, so I cannot speak if I have seen an ROI from the use of the product in my organization.

I have seen an ROI from the use of the solution if I consider its past usage in our organization since we were able to eliminate work that a lot of people had to do manually, like the creation or deletion of identities.

I work for an academic medical center, where there is a watch kept over every dollar spent. I do have concerns about the micro charges for different levels or features of the product.

My company did consider a product from IBM against Microsoft Entra ID during the evaluation phase. My company chose Microsoft Entra ID since we were involved with Microsoft Active Directory Domain Services. Microsoft Active Directory Domain Services was a nicely tied product with Microsoft Entra ID.

Microsoft Entra ID provides almost a single pane of glass for managing user access, but not in my organization's environment because we have a little bit of custom work to do at our end. It looks like my organization might be able to see how the solution provides a single pane of glass for managing user access in the future.

A single pane of glass affects the consistency of the security policies, as it helps reduce a lot of confusion for the IT professionals who need to work with Microsoft Entra ID. It is very confusing when IT professionals have to bounce to different URLs to find access to tools needed to do their jobs, which was an issue for me, but it looks like there have been some improvements.

I don't use Microsoft Entra Verified ID.

I do use Microsoft Entra Permissions Management, but probably not the way it is designed to be used.

The solution has helped my organization's IT admins and the HR department save a lot of time.

The solution has helped my organization save money, but I cannot quantify it.

I ardently carry out processes where I build out and test a solution and then run a proof of concept before moving to a particular product. I suggest that others who plan to use Microsoft Entra ID consider the aforementioned aspects.

I rate the overall product a nine out of ten.