Try our new research platform with insights from 80,000+ expert users
IT specialist at BMO Financial Group
Real User
Supports multifactor authentication, scales well, good technical support
Pros and Cons
  • "It offers features that improve our security posture such as multifactor authentication, which is the second layer of protection that is used when we log into the cloud."
  • "The documentation, and the way that people are notified of updates, are things that can be improved. I'm a big fan of Microsoft products but the way they document is not that great."

What is our primary use case?

Azure Active Directory is similar to an on-premises access control system, but the service and data are hosted in the Azure cloud. Previously, everyone used to have Windows servers built as domain controllers for Active Directory to store their employee data. This assumed the role of a database for their employees.

With Azure Active Directory, which is in the cloud, you have the same functionality and there isn't much of a difference. The defining point is that you have access to online, cloud-based resources, such as Office 365.

In my company, as well as others, we had already implemented the on-premises Active Directory for our infrastructure. We leverage Azure Active Directory to synchronize the existing on-premises details to the cloud so that it creates an identity in Azure, which allows it to be used for other SaaS-based solutions.

How has it helped my organization?

This is the kind of solution that I feel you cannot run an organization without using.

Going forward, I expect that this solution will help to eliminate our on-premises infrastructure. Perhaps in the next few years, many companies will question their need for on-premises infrastructure and implement a purely cloud-based position. It will be a pay-as-you-go service.

Using this solution has affected our end-user experience because it enables and supports the Office 365 products that Azure provides. It is indirectly linked to all of the Office 365 solutions.

What is most valuable?

This is a feature-rich solution.

It offers features that improve our security posture such as multifactor authentication, which is the second layer of protection that is used when we log into the cloud.

What needs improvement?

The documentation, and the way that people are notified of updates, are things that can be improved. I'm a big fan of Microsoft products but the way they document is not that great.

Buyer's Guide
Microsoft Entra ID
April 2025
Learn what your peers think about Microsoft Entra ID. Get advice and tips from experienced pros sharing their opinions. Updated: April 2025.
848,716 professionals have used our research since 2012.

For how long have I used the solution?

I have been using Azure Active Directory for the past four years.

This solution was implemented approximately five years ago, before I joined the company.

What do I think about the stability of the solution?

We use this product on a daily basis. In fact, it is constantly being used and we don't have any problems with stability.

What do I think about the scalability of the solution?

The scalability is good, and it is one of the reasons that we opted for a cloud solution.

We have more than 60,000 employees in the company and it scales very nicely. If more employees join the company then our usage will increase.

There are a variety of roles including administrators and different users. We have between 200 and 300 administrators.

How are customer service and support?

Technical support from Microsoft is excellent.

We have had multiple issues where technical support has been needed. For example, the other day, we had a problem with synchronization. One of the user licenses was not synchronized properly and when we identified the root cause, it showed that the profile was not linked to the Active Directory Account. That was the main problem.

For us, it's constant improvement. Once a problem has been resolved, we document it accordingly so that it doesn't reoccur. Essentially, we don't want to have the same story again.

Which solution did I use previously and why did I switch?

We also have Active Directory implemented on-premises, and it synchronizes with our cloud solution. The traditional Active Directory is what we used before this.

How was the initial setup?

I was not responsible for the initial setup but my feeling is that it is not very straightforward. From a technical perspective, I expect that it is somewhat complex.

The deployment took approximately six weeks. We are a large company with more than 60,000 employees and I expect that for a smaller company, with perhaps 100 or 200 employees, it might take a day or two to complete.

What about the implementation team?

One of the senior engineers in my organization was responsible for deployment. We also had assistance from Microsoft consultants. Between five and ten people were required for the deployment because it's a larger company.

There is no maintenance that needs to be done on our part. However, we have between 10 and 15 people who closely work on Azure Active Directory. 

What was our ROI?

Everyone uses a cloud solution to reduce the on-premises infrastructure cost and maintenance. In the coming years, there will be a lot of returns or a lot of cost-cutting that will happen.

What's my experience with pricing, setup cost, and licensing?

The licensing is good and it is really easy to manage. We make sure that we only enable the licenses that are needed for the users, rather than enabling licenses in a blanket fashion. Basically, we only enable the features that are required for each of the users.

There are no costs in addition to the standard licensing fees.

What other advice do I have?

Microsoft is a vendor that is always one step ahead.

The biggest lesson that I have learned is to read the documentation properly and thoroughly. Microsoft is great, but the documentation is sometimes updated and we aren't notified. This means that anytime you apply any solution, just make sure that you follow the proper guidance and always test before deployment.

I would rate this solution a nine out of ten.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Microsoft Azure
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
PeerSpot user
Director, Infrastructure at a retailer with 10,001+ employees
Real User
Easy to use, flexible security options, and it scales well
Pros and Cons
  • "This product is easy to use."
  • "When you start to deal with legacy applications, provisioning is not as intuitive."

What is our primary use case?

Azure AD is where our primary user data is stored. We get a feed-in from our HCM solution and it creates our users, and then that's where we store all of their authorizations, group memberships, and other relevant details.

We access it through the Azure Portal.

How has it helped my organization?

This product has helped improve our security posture because it allows a tie-in into the Microsoft Azure Sentinel product very easily and seamlessly. From a security standpoint, you have the option of conditional access, the option of identity protection, and those types of things. We have incorporated those right into our offering.

Overall, security-wise, this solution has allowed us to be more flexible. When you had just Active Directory and it was an on-premise solution, you had to do a lot of manipulation to get SaaS products working. You had to do a lot of customizing and those types of things. With Azure Active Directory, it's more configuration than it is customization. This allows us to be a lot more flexible, which brings about efficiency, better security, and other benefits.

Azure Active Directory has also improved our end-user experience.

Before, most companies including ours would use a customized username that would have random characters for a user. This is different from Azure Active Directory, which uses what looks like the email address as your username. In fact, it can be set up as a genuine email address. Where it differs is on the back end, where it has a unique ID, but on the front end, it's more readable and it's better understandable.

From my user experience, the sign-on is seamless as you go through and use any of Microsoft products. Everything ties right into it, and then as you set up your different applications that are tied into Azure Active Directory, and get the single sign-on, everything becomes a whole lot easier to connect into. From a user experience, it's improved it drastically.

For provisioning users, you start by registering an application as either an enterprise application or a custom application. You can set up from within Azure Active Directory how it is that users connect to it. Microsoft has done a great job with providing a lot of application templates that help to connect and add it into the cloud. Almost every application that you could think of is there. From that point, you can set up provisioning.

To assist with provisioning, they have great documentation. From an admin perspective, much of the work is done for you. After the applications are connected to Azure Active Directory, you assign users and groups, provisioning users via API calls, which is how it's done on the back end, and it ties in using service accounts. Then, you can create a group that has the appropriate permissions such as write permission, full admin rights, or contributor rights, and then provision users into those groups. The system automatically handles it for you at that point.

What is most valuable?

This product is easy to use.

The features that we use day in and day out are single sign-on, group capabilities, and provisioning capabilities. All of these are very useful.

This product has features such as Conditional Access that improve our security posture. Conditional access gives access only through a timeframe. We have certain policies that we set up, which could be a certain amount of time or it could be a certain type of access. These are examples of types of conditional access.

Another example of a security feature that helps us is Identity Protection, which will perform the automatic detection and remediation of risks.

We also have the ability to go in and investigate any risks using data within the portal, and it's all automated. It's nice in that sense.

These features have significantly improved our security posture and time for remediation. It would be difficult to estimate a time improvement in terms of a percentage, but being that it's automated and there is a portal that displays the risks in real-time, it's a very significant change. Previously, we had to go through and look at logs and those types of things, which was time-consuming compared to using the portal.

We also use multi-factor authentication, which is very useful because that gives another layer of security protection for our users. You have to have some sort of device that you can use to provide that second factor, and not just your username and password.

What needs improvement?

The provisioning capability is a two-edged sword because it is very useful, but it also needs some improvement. When you start to deal with legacy applications, provisioning is not as intuitive. Legacy applications, a lot of times, were based on an on-premise Active Directory and you had to use it to provision users or grant access to the product. I don't know of a way to make Azure Active Directory act as an on-premises version to connect to those legacy applications.

The speed and responsiveness of the technical support are things that could use some improvement.

For how long have I used the solution?

We have been using Azure Active Directory since October of 2018, nearly three years ago.

What do I think about the stability of the solution?

The stability is not too bad. It's usually other issues that go on within Microsoft Azure. Whenever Microsoft Azure is down, the Azure Active Directory service sometimes can be down intermittently, depending on where things are at.

It is important to remember that it's not always the Azure Active Directory component that is down. Rather, a lot of the time, there is an app that is tied into Azure Active Directory causing the problem. I think we've had one incident in the last year that was tied directly to Azure Active Directory, where it was down from a SaaS perspective.

What do I think about the scalability of the solution?

This solution scales very well. We were able to tie into our previous company and then bring on all of those users in a very quick amount of time. This included making sure that they could all log in and get access. We haven't really had any issues from that standpoint.

In terms of the users, you can add B2B and you can add B2C, as well. Scalability-wise, it's been good for us. We have between 15,000 and 20,000 users, which is fully scaled at the moment.

We have plans to do further B2B, as we work with our retail partners. We have a lot of retail partners, which is how our business model is structured, and that's something that we're planning on adding and moving forward with.

As far as scaling, going up, or going down, our numbers of Azure Active Directory users are pretty much what they're going to be for the next couple of years. That said, our B2B is definitely going to increase over the same period.

How are customer service and technical support?

We use Covenant Technology Partners as the first level of technical support. Most of our support tickets actually get escalated from them up to the Microsoft product team.

The Microsoft product team's service is hit or miss, which is something that Microsoft can improve on. They are sometimes slower to react than we would like, but for the most part, they do take our tickets and work on them as they can, to try to figure out ways of remediation.

Which solution did I use previously and why did I switch?

We did not have any solution prior to this; it was simply an on-premises Active Directory. We were spinning up something brand new to move forward. Being managed saves a lot of time and effort. We migrated our users over from the Active Directory that the prior owners had, but they managed it all, we did not.

How was the initial setup?

It was very easy to get set up and running. Basically, you log into the Azure portal, you have your tenant that you're already connected into, you add a domain and then you just go. You add your first user and then you continue from there.

Our deployment started in October of that year, we had our first users within a week, and then we pretty much provisioned all of our users within a month. It was a pretty quick turnaround.

At the time of deployment, we were in the middle of a divestiture. As such, our implementation strategy included spinning up a brand new Active Directory so that we could start to migrate our users over from our previous owners into a new one that we would control. Consequently, we started from scratch.

I know that a lot of companies are not doing that. Rather, many are starting with an Active Directory and then moving into Azure Active Directory, but for us, it was a clean slate. We then started to incorporate methods of synching with our previous owner so that we could get all of the data from them and continue to march towards a separation.

What about the implementation team?

We brought in consultants only because we didn't have the manpower at the time when we got started. I believe there was one other person besides myself, we were both at the director level, and neither of us had been given the time to build out our teams by that point. The third-party consulting company that we brought in assisted us to help us and assist us in getting everything set up and built out.

The company was Covenant Technology Partners and our experience with them was very good. They were able to help us get everything set up and running right away. Overall, it went very smoothly.

With respect to day-to-day maintenance, we have a lot of it automated. We've tied it into ServiceNow and a lot of our user additions, modifications, deletions, and other operations are things that we have automated via ServiceNow workflow.

I do have a team of three engineers under a manager that currently manages it, but they don't spend any more than probably 5% of their time, daily, dealing with it.

What was our ROI?

It is difficult to estimate our return when we didn't own anything beforehand. There is no real basis for comparison. That said, the automation capabilities cut down manual provisioning, manual adding, removing, deletion, editing, and those types of things, of user fields. I would say those are the big savings, and it's helpful that you can easily do the automation tie-in into Azure Active Directory.

What's my experience with pricing, setup cost, and licensing?

Anytime you are dealing with Microsoft and licensing, it is always interesting. We have various levels of their licensing, which includes users on different levels of their enterprise offering. For example, some are on E3, whereas others are on E5. The differences between them have to do with the various features that we use.

We're a Microsoft Teams company and we use it not only for collaboration and instant messaging, but we also use it as our phone system. We did all of that together, so when we spun up Azure Active Directory, we also spun out Microsoft teams to use as our phones and flipped off of an old PBX system. It's been very useful but the licensing can be complicated when you get into the retail partners and guests. But for the most part, Microsoft has done a good job of explaining the different levels and what we need and has given us the proper licensing.

There are no additional fees for Azure Active Directory.

Which other solutions did I evaluate?

We did not evaluate other vendors. Our plan was to implement Microsoft Azure as our cloud solution, as well as go forward with Azure Active Directory. That was the plan from the get-go.

I know that Okta was out there, as well as a couple of other options, but that was never really a consideration for us.

What other advice do I have?

The biggest lesson that I have learned from using this product is that because it is a SaaS solution, it's easy to get set up and configured. It doesn't take a lot of overhead to run and quite honestly, the security on it is getting better. Microsoft continues to pump more security features into it.

My advice for anybody who is considering Azure Active Directory is that if you have Microsoft products that you are currently already using, I would definitely recommend it. This is a solution that seamlessly ties into your Office products, and into any Microsoft product, and it's really easy to manage. You can spin it up quickly, implement it, and get going right away. You are able to tie into your on-premise Active Directory as well. At that point, you can start to sync those two to manage all of your users and all of your groups in one place.

Overall, this is a good product and to me it's perfect but at the same time, nothing is perfect.

I would rate this solution a nine out of ten.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Microsoft Azure
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Microsoft Entra ID
April 2025
Learn what your peers think about Microsoft Entra ID. Get advice and tips from experienced pros sharing their opinions. Updated: April 2025.
848,716 professionals have used our research since 2012.
Cloud Support Engineer | Microsoft 365 Consultant at Freelancer
Real User
Using its Conditional Access policy makes it easier to know when you have been breached
Pros and Cons
  • "The cloud security part is very valuable. Security is the most important thing in today's world. With Azure Active Directory, there are some features that tell you how you need to improve your security level. It informs you if you set up certain policies, e.g., this is where my users sign in. It tends to let you know if your organization has been breached with this security set up. Therefore, it is easier to know when you have been breached, especially if you set up a Conditional Access policy for your organization."
  • "There are some features, where if you want to access them, then you need to make use of PowerShell. If someone is not really versed in PowerShell scripting, then they would definitely have issues using some of those features in Azure Active Directory."

What is our primary use case?

I started using Azure in my organization for user management, identity management, and app security.

I am using purely Azure Active Directory, but I've used Azure Active Directory in a hybrid scenario. I sync my user from on-premises Active Directory to cloud. While I have used the solution in both scenarios, I use it mostly for purely ATS cloud situations.

How has it helped my organization?

We don't really have breaches anymore. Now, in most cases, we set up a sign-in policy for risky things, like a user signing in via VPN or they can't sign in based on their location. This security aspect is cool.

If a user wants to sign onto the company's account, but turn on their VPN at the same time, they might not be able to sign in because of the Conditional Access policy set up in place for them. This means their location is different from the trusted site and trusted location. Therefore, they would not be able to sign in. While they might not like it, this is for the security of the organization and its products.

What is most valuable?

The cloud security part is very valuable. Security is the most important thing in today's world. With Azure Active Directory, there are some features that tell you how you need to improve your security level. It informs you if you set up certain policies, e.g., this is where my users sign in. It tends to let you know if your organization has been breached with this security set up. Therefore, it is easier to know when you have been breached, especially if you set up a Conditional Access policy for your organization.

The authentication, the SSO and MFA, are cool. 

It has easy integration with on-premises applications using the cloud. This was useful in my previous hybrid environment. 

The user management and application management are okay.

What needs improvement?

There are some features, where if you want to access them, then you need to make use of PowerShell. If someone is not really versed in PowerShell scripting, then they would definitely have issues using some of those features in Azure Active Directory. 

For how long have I used the solution?

I have been using Azure AD for three years.

What do I think about the stability of the solution?

Overall, stability is okay. Although, sometimes with the cloud, we have had downtime. In some instances, Microsoft is trying, when it comes to Azure AD, to mitigate any issues as soon as possible. I give them that. They don't have downtime for a long time.

What do I think about the scalability of the solution?

You can extend it as much as you need. For example, you can create as many users as you want on the cloud if you sync your users from on-premises. Therefore, it is highly scalable.

I used to manage about 1,500 users in the cloud. Also, at times, I have worked with organizations who have up to 25,000 users. When it comes to scalability, it is actually okay. Based on your business requirements, small businesses can use Azure Active Directory with no extra cost as well as an organization with more than 10,000 users.

How are customer service and support?

The support is okay, but it is actually different based on your specific issue because they have different teams. For example, when you have issues with cloud identity management, I think those are being handled by Microsoft 365 support, and if you have an issue with your Azure services, the Azure team handles it. 

I can say the support from Microsoft 365 support is awesome because it is free support. Although the experience is not all that awesome every time, and there is no perfect system, when compared to other supports, I would rate them as 10 (out of 10).

How would you rate customer service and support?

Positive

How was the initial setup?

The initial setup was straightforward. When I set up Azure Active Directory, I just had to create an Office 365 tenant.

Creating an Office 365 tenant automatically creates an Azure Active Directory organization for you. For example, if I create my user in Microsoft 365 automatically, I see them in Azure Active Directory. I just need to go to Azure Active Directory, set up my policies, and whatever I want to do based on the documentation.

A part of the documentation is actually complex. You need to read it multiple times and reference a lot of links before you can grasp how it works and what you need to do.

The very first time, it took me awhile to set up. However, when setting it up the second time, having to create Azure AD without setting up users was less than three minutes.

What was our ROI?

I work with a client who has a small organization of 50 users worldwide. With Active Directory, they are spending a lot for 50 users for management, the cost of maintenance, etc. The ROI number is too small for the costs that they are spending on the maintenance of an on-premises setup. So, I migrated them to Azure Active Directory, where it is cost-effective compared to an on-premises setup.

What's my experience with pricing, setup cost, and licensing?

For you to make use of some of the security features, you need to upgrade your licenses. If it is possible, could they just make some features free? For instance, for the Condition Access policy, you need to set that up and be on Azure AD P2 licensing. So if they could make it free or reduce the licensing for small businesses, that would be cool, as I believe security is for everyone.

Which other solutions did I evaluate?

The product is very good. Sometimes, I try to use Google Workspace, but I still prefer Azure to that solution. I prefer the Azure user interface versus the Google Workspace interface.

What other advice do I have?

Draw out a plan. Know what you want and your requirements. Microsoft has most things in place. If you have an existing setup or MFA agreement with Okta and other services, you can still make use of them at the same time while you are using Azure Active Directory. Just know your requirements, then look for any possible way to integrate what you have with your requirements.

Overall, this solution is okay.

I would rate this solution as an eight out of 10.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Data Systems Integration Specialist at a government with 1,001-5,000 employees
Real User
Simplified central management, including administration and an overview of all logins and user profiles
Pros and Cons
  • "The most valuable feature for us is the B2C functionality of Microsoft Entra ID, which is essential due to our need for external and internal users to log into our system."
  • "Microsoft Entra ID has simplified central management, including administration and an overview of all logins and user profiles."
  • "Microsoft's pricing and licensing are difficult to understand. We engage with Microsoft partners regularly, but Microsoft's frequent rebranding complicates the process for us in the industry."

What is our primary use case?

The primary use case for Microsoft Entra ID is authentication, allowing internal employees and guest users to log into our system.

How has it helped my organization?

Microsoft Entra ID has simplified central management, including administration and an overview of all logins and user profiles. It simplifies logins, not only for internal users but also for guests. We don't need to manage a lot of party sign-on. It has dramatically decreased phishing and other hacking attempts. 

It has improved our approach to defending against nation-state attacks and token theft by allowing us to enable MFA and other out-of-the-box capabilities easily. We've also reduced complaints and changed user behavior. It takes them some time to get used to it, but we educate them on how to use the built-in security features.   

What is most valuable?

The most valuable feature for us is the B2C functionality of Microsoft Entra ID, which is essential due to our need for external and internal users to log into our system.

What needs improvement?

Currently, Microsoft Entra ID meets our needs. I could not think of any areas for improvement or additional features for the next release.

For how long have I used the solution?

I have used Entra ID for three to four years.

What do I think about the stability of the solution?

The stability of Microsoft Entra ID is satisfactory.

What do I think about the scalability of the solution?

Microsoft Entra ID is scalable.

How are customer service and support?

I rate Microsoft support eight out of 10. Internally, we have a feedback system for our customer service. While it may not be perfect, there are noticeably fewer customer complaints.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We did not use a different solution before Microsoft Entra ID. Since we are deeply embedded in the Microsoft ecosystem, it was the natural choice.

How was the initial setup?

The initial setup was not difficult. 

What about the implementation team?

We did not use an integrator, reseller, or consultant for deployment.

What was our ROI?

I am confident that we have seen a return on investment, but I have not calculated it. Microsoft Entra ID reduces risks and the need to do things manually.

What's my experience with pricing, setup cost, and licensing?

Microsoft's pricing and licensing are difficult to understand. We engage with Microsoft partners regularly, but Microsoft's frequent rebranding complicates the process for us in the industry.

Which other solutions did I evaluate?

Microsoft Entra ID was a straightforward choice due to our integration within the Microsoft ecosystem.

What other advice do I have?

I would rate Microsoft Entra ID eight out of 10. We are generally satisfied, although understanding the solution fully can be challenging. Once we have the knowledge, implementation becomes easy, but initially, it can be time-consuming.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
PeerSpot user
IT Manager at a non-profit with 51-200 employees
Real User
Top 5Leaderboard
Hs valuable user and device management, is straightforward, and provides a great ROI
Pros and Cons
  • "User and device management is the most valuable feature."
  • "The technical support has room for improvement."

What is our primary use case?

We use Azure AD to manage all endpoints, including laptops, desktops, mobile devices, such as iPads and iPhones, and users. We can disable accounts, create accounts, reset passwords, maintain access, and manage permissions.

How has it helped my organization?

Azure AD is essential to our organization. Our users need to use their Azure AD credentials to log into their computers every morning, and we also manage user accounts in Azure AD. As a result, we cannot function without Azure AD.

We use Entra's conditional access to restrict access to our system from overseas users. This means that users can only log in from Canada and the United States.

Our zero-trust strategy uses conditional access to verify users and prevent unexpected traffic, such as attacks from Russia. This makes our strategy more robust and secure.

We use Entra's conditional access in conjunction with Microsoft Endpoint Manager to limit user logins from Canada and the USA. We also limit devices that can log into the network to only those located in Canada.

Entra has helped our IT administrators save an hour of time per day.

Entra has helped our organization save money.

We used to use on-premises Active Directory. Now, we use Azure Active Directory. The main difference is that users can now reset their own passwords in Azure AD. This is a positive improvement, as it saves time and hassle for both users and IT staff. I believe that this has had a positive impact on our employee experience.

What is most valuable?

User and device management is the most valuable feature.

What needs improvement?

I would like Azure AD to provide features similar to check-in on-prem AD. The fetch-all service is the only one that is not currently available on Azure AD.

The technical support has room for improvement.

For how long have I used the solution?

I have been using Azure AD for five years.

What do I think about the stability of the solution?

I give Azure AD's stability an eight out of ten.

What do I think about the scalability of the solution?

I give Azure AD's scalability an eight out of ten.

How are customer service and support?

The basic support from Microsoft is not good.

How would you rate customer service and support?

Negative

Which solution did I use previously and why did I switch?

We previously used the on-premises Microsoft Active Directory. However, we have since switched to Azure Active Directory, which is a cloud-based solution. Azure AD is more flexible and scalable than on-premises AD, and it allows us to save money on hardware costs. This is because we no longer need to purchase and maintain our own servers. Instead, we can simply use the servers that are provided by Microsoft.

How was the initial setup?

The initial deployment was straightforward and took two months to complete. We switched over to the new system and then set up a number of additional features, such as enterprise applications and multi-factor authentication. This took an additional month, for a total of three months. We followed the instructions from Microsoft step-by-step. The deployment required two full-time employees from our organization and three from our partner.

What about the implementation team?

The implementation was completed with the help of an MSP.

What was our ROI?

We have seen a significant return on investment since switching to Azure AD. Our monthly costs have decreased from $5,000 to $100.

What's my experience with pricing, setup cost, and licensing?

The price is affordable, and we pay around $100 per month.

Which other solutions did I evaluate?

Both Okta and Azure AD are great solutions. I know that many people use Okta, but my concern is that we are also using Microsoft products on the endpoint. This means that our users use Windows, and it makes more sense to use a front-end and back-end Microsoft solution.

What other advice do I have?

I give Azure AD a nine out of ten.

Azure AD requires very minimal maintenance.

I recommend Azure AD. The solution is straightforward.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Microsoft Azure
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Sachin Vinay - PeerSpot reviewer
Assistant Manager-Networks at Amrita
Real User
Top 5
Saves us money because we don't need to pay for the resources required to operate the same solution on-premises
Pros and Cons
  • "Azure Active Directory's single sign-on feature has been helpful because users don't need to authenticate again and again each time they access it. Users only need to sign in the first time, and Azure handles everything. We haven't experienced any errors or security-related issues in the past four years. Many people use our protection servers from outside, requiring multi-factor authentication. Each authentication is logged precisely."
  • "Microsoft services and most familiar third-party applications are currently supported, but we can't find many other platforms that integrate with Office 365 or Azure Active Directory. Microsoft should develop connectors for different applications and collaborate more with other vendors to cover a broader range of applications."

What is our primary use case?

We are a university using Azure AD to authenticate staff, faculty, and students. Our organization completely depends on Azure Active Directory for authentication and identity-related features. All cloud activities and third-party services are validated with Azure Active Directory.

We also have an on-premises Active Directory, and the data is synced periodically to the cloud. Most of the services done on-premises are reflected in the cloud at once. We can also do the same handling features from the cloud to write back to the on-premises AD. This is the architecture.

How has it helped my organization?

We are implementing more and more services in the cloud on Azure and AWS, so we need to monitor our data security thoroughly. It's always a concern. Azure Active Directory enables us to easily validate the identity of anyone who connects to a particular server. We need to validate our data properly. For example, we must ensure our research data is going to the right person and place. Microsoft Azure Active Directory provides the easiest way to do that.

The Conditional Access feature lets us restrict access to a group of people on specific servers. We create a group in the Azure Active Directory and put only the necessary members there. For example, we can easily set up conditional access to SSH, Telnet, SSH, HTTPS, or any service with Azure Active Directory. 

We plan to implement Zero Trust in many of our other devices. It is an essential feature because users from multiple countries are accessing our research servers. We can provide a highly secure environment with minimum services without compromising productivity with a Zero Trust strategy.

We have wireless units deployed across the campus and use Microsoft AD services to authenticate all wireless activities. Many of the use cases are covered by wireless. After authentication, some users need to be redirected to the cloud. Their identities can be easily validated and captured with Microsoft AD. It gives us excellent control over our on-premise infrastructure.

Verified ID has helped us with our remote workforce. We provide VPNs to our remote employees so they can connect to our cloud services, authenticate with Azure, and be granted the necessary access. We provide policies for each user basis. Users in each category connect to the VPN, authenticate with their Azure credentials, and securely access all the cloud services.

We give provisioned laptops to our remote employees. With the help of this VPN, they spend less time coming to work in person because they have full-time access from home. So that way, we could reduce most of our official requirements concerning our employees. 

Privacy is a crucial security concern for our organization. With Verified ID, we can ideally authenticate Microsoft services without worrying about compromised identities. We used to have these issues with on-premise Active Directory, but this is less of a problem since we migrated to Azure Active Directory.

Our HR department can easily get a complete report on our users. HR can see specific fields, like designation, school, businesses, etc., if they need it from the Azure AD. They can also get the usage logs. They don't need to store all this manually for each person. They can easily get all the reporting parameters from this.

Azure AD saves us a lot of time. On any given day, it will save around four hours. It also saves us money because we don't need to pay for the resources required to have Active Directory on-premises. If we relied on on-premises Active Directory, it would require data center resources, like air-conditioning, power,  hardware, etc. We save considerable money by deploying it on the cloud. Percentage-wise, I think we could save around 40 percent. 

Azure Active Directory has improved our overall user experience. I would rate it a nine out of ten. Our users are delighted.

What is most valuable?

Azure Active Directory's single sign-on feature has been helpful because users don't need to authenticate again and again each time they access it. Users only need to sign in the first time, and Azure handles everything. We haven't experienced any errors or security-related issues in the past four years. Many people use our protection servers from outside, requiring multi-factor authentication. Each authentication is logged precisely.

In addition to the SSO, Azure AD is entirely flexible. We have other Microsoft services running on-premises, so Microsoft Azure AD allows us to sync other Microsoft services completely. This is perfect for us.

Microsoft Entra offers a single pane of glass for managing users and cloud services on multiple platforms. It all requires authentication and validation of user data, so Azure AD helps us to authenticate each user's identity without any security compromises. 

Microsoft has an excellent administration portal that enables us to sync our on-premise Active Directory automatically with the cloud. Any on-premise policy changes are reflected on the cloud. There are various options for each user on the admin portal. You can change user passwords and other attributes or configure a policy for forgotten passwords. A writeback feature can also reflect changes from the cloud to the on-premise environment. If you change the password from the cloud admin center, it gets reflected here.

Microsoft Azure AD Connect has a multi-factor authentication. Multi-factor authentication is a crucial feature, but we only require MFA for specific servers in the cloud. With Microsoft Azure AD Connect, we can specify the users and servers that require multi-factor authentication.

Azure Active Directory integrates well with other third-party applications. Third-party hosted solutions have the option. We can even create applications with Microsoft Azure AD. When users log in to Microsoft Azure AD, their credentials are stored in the application, and we don't need to get them on-premise Active Directory. So, it is an essential feature for us.

What needs improvement?

Microsoft services and most familiar third-party applications are currently supported, but we can't find many other platforms that integrate with Office 365 or Azure Active Directory. Microsoft should develop connectors for different applications and collaborate more with other vendors to cover a broader range of applications.

For how long have I used the solution?

We have been using Azure Active Directory for four years. 

What do I think about the stability of the solution?

Microsoft services have a reputation for complete reliability, so we expect the same from Microsoft Azure AD. It doesn't disappoint because most of the on-premise features extend to the cloud. Plus, Microsoft Azure AD has additional features, configuration, and single sign-on capabilities. It's a complete package for this authentication and validation purpose. Most of our users are pretty happy with this product.

What do I think about the scalability of the solution?

Azure AD is completely scalable. We can add unlimited users.

How are customer service and support?

I rate Microsoft's support a ten out of ten. Microsoft technical support is excellent

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

Previously, we have used on-premise Active Directory.

How was the initial setup?

Setting up Azure Active Directory was a bit complex. The migration process is somewhat challenging because we don't want to lose any on-premise data. Each user has many parameters and access policies already set. Without even changing the password, we were able to sync all this data to Microsoft Azure AD. It was a complex procedure because Azure AD Connect has to be deployed correctly. We required help from Microsoft's technical support to do this.

Our initial deployment required three system admins and took around one week, but it took around six months to import all our users and get everything working properly. After deployment, Azure AD doesn't require any maintenance because everything happens in the cloud. We don't need to bother with anything.

What was our ROI?

The return on investment is pretty massive. We save time and money. It helps us even if we opt for a subscription. We save a considerable amount of time with the cloud version because it has various features unavailable in the on-premises Active Directory that save time for the system administrators. We can concentrate resources on hiring other staff instead of system administrators. All the features are within the cloud itself, so it reduces the maintenance costs of an on-premise server. 

What's my experience with pricing, setup cost, and licensing?

Active Directory is bundled with a package of Microsoft services, so it doesn't cost much. I don't know about the individual license of Active Directory. 

What other advice do I have?

I rate Azure Active Directory a ten out of ten. I would prefer Azure AD to have multiple application scenarios requiring a single sign-on facility and complete authentication, validation, and security tracking. 

If they require it in their application, even if it is an on-premise or a host application, I would prefer Microsoft Azure AD because it handles all this simultaneously. No other application covers a complete range of activities in an all-in-one solution. 

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
reviewer2596236 - PeerSpot reviewer
Sr Mgr InfoSecurity at a healthcare company with 10,001+ employees
Real User
It lets us create layers of security that help us prevent significant security issues in the future, such as nation-state attacks and token theft
Pros and Cons
  • "Multi-factor authentication is one of the most important features of my work. Verified ID is another feature that is becoming significant."
  • "I'd rate Microsoft Entra ID a 10 out of 10 due to the extensive range and focus on security features."
  • "There are many new features being added all the time, and Microsoft is advancing at a pace that aligns with our needs. I can't think of anything immediate that needs improvement."

What is our primary use case?

We use Microsoft Entra ID to ensure our users have the correct permissions and access. It manages privileged identity and ensures that we have proper MFA for the security of our employees.

How has it helped my organization?

Entra ID has made us more agile, enabling us to move faster in our tasks while providing tools for our employees to become more agile and efficient. The solution has improved our security considerably. Entra ID has helped us strengthen security across the board regarding access to apps and resources. It lets us create layers of security that help us prevent significant security issues in the future, such as nation-state attacks and token theft.

The solution helps us envision a future with zero trust, which is one of our goals but challenging to achieve. Entra ID has given us a pathway to achieve it.

What is most valuable?

Multi-factor authentication is one of the most important features of my work. Verified ID is another feature that is becoming significant. Furthermore, Microsoft Entra ID provides governance over IDs while ensuring people have the correct permissions. We also gain more visibility into security issues, leveraging automation to address them. It's made us more agile and efficient.

What needs improvement?

There are many new features being added all the time, and Microsoft is advancing at a pace that aligns with our needs. I can't think of anything immediate that needs improvement.

For how long have I used the solution?

We have been using Entra ID since Microsoft Office 365 was released. I'm unsure of the exact year, but it's been quite a few years—perhaps 10.

What do I think about the stability of the solution?

The stability of Microsoft Entra ID is fantastic. We rarely encounter any significant issues.

What do I think about the scalability of the solution?

The scalability is great. We are a larger partner, so we're a high-end example, and it's scaled very well for us.

How are customer service and support?

Customer service and technical support have been outstanding. For an organization the size of ours, we have a dedicated team we frequently connect with and escalation paths for larger issues.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We previously used various solutions, but integrating everything under Microsoft has allowed us to streamline and manage everything in one place.

How was the initial setup?

The setup process is quite streamlined, particularly around cost procedures. However, I don't have any additional details.

What about the implementation team?

We worked with several partners, although I can't recall any names.

What was our ROI?

I don't have specific metrics but implementing the solution has definitely helped us.

What's my experience with pricing, setup cost, and licensing?

Our experience with pricing, setup cost, and licensing is streamlined and simplified, particularly in cost procedures. I don't have more details beyond that.

Which other solutions did I evaluate?

I don't recall any specific alternate solutions evaluated before switching.

What other advice do I have?

I'd rate Microsoft Entra ID a 10 out of 10 due to the extensive range and focus on security features.

Which deployment model are you using for this solution?

Hybrid Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
PeerSpot user
reviewer1182405 - PeerSpot reviewer
Sales Representative at a comms service provider with 10,001+ employees
Reseller
Top 20
Single console integration streamlines authentication and security
Pros and Cons
  • "The main valuable feature is the integration into a single console, which includes authentication service and endpoint security."
  • "The main valuable feature is the integration into a single console, which includes authentication service and endpoint security."
  • "The cost is one area that needs improvement."
  • "The cost is one area that needs improvement."

What is our primary use case?

The primary use case is for single sign-on, service provisioning, and security features, including multi-factor authentication.

How has it helped my organization?

We have been integrating network services and authentication services such as PIN Identity and Entra ID, which helps in providing a consolidated security solution.

What is most valuable?

The main valuable feature is the integration into a single console, which includes authentication service and endpoint security. This consolidation of security features in one place is extremely beneficial.

What needs improvement?

The cost is one area that needs improvement. Also, there is a need for better transformation support from on-premises Active Directory policies to the cloud, as Entra ID doesn't cover this sufficiently yet. The flexibility of the security policies could also be improved.

For how long have I used the solution?

I have been working with EntraID, previously known as Azure ID, for about three or four years.

What do I think about the stability of the solution?

The stability of the solution is good with a rating of eight out of ten.

What do I think about the scalability of the solution?

Entra ID is pretty scalable with a rating of eight out of ten.

How are customer service and support?

Sometimes there is a late reply, but overall, it's good. I would rate Microsoft technical support as a seven out of ten.

How would you rate customer service and support?

Neutral

Which solution did I use previously and why did I switch?

Customers often consider alternatives like Okta or PingID if Entra ID does not suit their requirements.

How was the initial setup?

The initial setup of Entra ID is simple.

What about the implementation team?

We work as integrators, focusing on integrating network services and authentication services like Entra ID.

What other advice do I have?

I'd rate the solution eight out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
Flag as inappropriate
PeerSpot user
Buyer's Guide
Download our free Microsoft Entra ID Report and get advice and tips from experienced pros sharing their opinions.
Updated: April 2025
Buyer's Guide
Download our free Microsoft Entra ID Report and get advice and tips from experienced pros sharing their opinions.