Microsoft Entra ID Reviews

We have been using Microsoft Enterprise for ten years, and we actually started beginning to really use it about two years ago. Earlier, we had an access manager on the premises, but everything is moving to the cloud. So we are moving our access management and identity management solutions to the cloud as well.

The whole access management solution is valuable. In 2015, we were selecting a new access management solution, and because it was already integrated, we started using it. 

Integration with Defender allows us to get alerts and respond to them by blocking users. Microsoft Entra ID has streamlined and centralized our device management and threat response processes.

We are looking for more customization with BRAIN and everything else, and while they are following up on that, we want some more of it.

We have experienced some downtime because of the use of the data centers.

In Microsoft technical support or Microsoft Denmark, we have an account manager and strategist, whom we contact along with the suppliers who have their own technicians. The experience has been positive.

Positive

Earlier, we had an access manager on the premises before moving to Microsoft Enterprise for cloud-based solutions. In 2015, we selected a different access management solution initially.

Would you rate the overall solution on a scale of 1 to 10? Yeah, excellent. From one to ten, would you mind the call? I think, yeah, excellent.

We use Microsoft Entra ID to secure Boulevard by Density.

Entra's multifactor authentication has kept our organization secure. We've decreased the number of password resets and extended the length of passwords, which has kept users happy and improved security.

Entra's conditional access policies allow us to fine-tune how we allow people into the environments and secure them. Microsoft Entra ID has also massively improved secure access to apps or resources compared to our previous setup. We've rolled out Microsoft Authenticator. That went pretty well, pretty smooth. The users seem to enjoy ID. And, yeah, we're starting on passwordless soon.

There are no specific areas where improvement is needed at the moment. Everything has been good so far.

I have been using Microsoft Entra ID for about six years.

There have been a couple of outages so that I would rate the stability around a seven out of 10.

I rate Microsoft support nine out of 10. Customer service and technical support have been pretty good.

Positive

We did not use any different solutions before implementing Microsoft Entra ID.

The initial setup and experience with deploying Microsoft Azure ID was straightforward.

We used an integrated reseller or consultant for the deployment.

We have seen a return on investment because Entra is included in licenses we already own. Deploying it was a no-brainer. 

The solution was included in the licenses we already had, so it presented a no-brainer setup cost.

I rate Entra ID nine out of 10. 

We're using Azure Active Directory to get authentication from Office 365, and along with this, we're using it for infrastructure-as-a-service authentication. For all the virtual machines hosted on Azure right now, we're getting authentication from Azure Active Directory.

In addition to these, we're using some other SaaS or software-as-a-service products such as SAP Ariba and SAP SuccessFactors. For these specific products also, I have integrated single sign-on via Azure Active Directory.

We're also using e-procurement solutions such as Tejari and SAP Ariba. To get authentication of my guest users, who are my partners, vendors, or external collaborators, we create their guest accounts on Azure Active Directory. They come into our applications through that. We get a secure channel to provide access to the external parties on our tenant through Azure Active Directory. These are the basic use cases of Azure Active Directory.

After moving to Azure Active Directory, life becomes very easy, not only for the administrator and IT people but for the end-users as well. They've now got a single sign-on. Previously, our end-users had to remember multiple account IDs and passwords, and they had to enter the relevant account ID and password for each application, whereas now, they have a single identity across all the applications provisioned in our landscape.

It's helpful for security and compliance. Security is a big concern right now, and we're very sensitive about it. I am from the Oil and Gas sector, and this is something that's very critical for us. Additionally, we have external contributors, such as partners, vendors, and technical consultants, who need access to our resources from outside the organization. Azure Active Directory provides some very good features for that such as guest user access and limited user access. 

It has default integration with all Microsoft products such as SharePoint, Power BI, Power Apps, Power Automate, and obviously, the infrastructure as the service landscape of Azure. This integration is surely amazing.

Conditional access is amazing. I have a success story to share for the conditional access feature. About six or seven years ago, we identified a cyber attack that was coming from certain IPs from Nigeria on our tenant, and through that, some of our users were compromised. We blocked all Nigerian IPs using Azure conditional access and saved our users. It was something amazing and life-saving for us. 

The conditional access feature complements the zero-trust strategy. It makes our environment more secure. It makes our environment more reliable as far as the whole security landscape is concerned.

We use Microsoft Endpoint Manager. Initially, we were not using it, but later on, we started to use Microsoft Endpoint, which was previously known as Microsoft Advanced Threat Protection. Implementing secure policies of Microsoft Endpoint, advanced threat protection, and conditional access provides us with a very safe and kind of sandbox environment. This combination protects us from those who are accessing our environment from unpatched devices, pirated applications, and applications with security loopholes.

We're also using Microsoft Intune to save our corporate devices and provide a secure zone for our users to access corporate resources and applications.

Personally, I'm a great fan of Azure Active Directory due to the security and compliance features that are there in the classic or default Azure Active Directory. 

The conditional access feature is absolutely great through which we provide access to users on the basis of a certain device, a certain geographical location, a certain set of IPs, or any other criteria that we can define via a set of rules. 

The auditing of Azure Active Directory is fantastic, and its integration with Cloud App Security is something amazing because we can get complete visibility of our environment through Cloud App Security. It also helps us a lot with our yearly audits and monthly reporting.

There is a lot of room for improvement in terms of its integration with the local Active Directory. There are some gaps in terms of the local Active Directory through which Microsoft is syncing our environment from our data center. There should be the availability of custom attributes on Azure Active Directory. In addition, there should be the availability of security groups and distribution groups that are residing on the local Active Directory. Currently, they are not replicated on Azure Active Directory by default.

There should also be a provision for Azure Active Directory to support custom-built applications. 

I've been using this solution for the last 12 years.

It's very stable.

It's very scalable. It's being used in companies with 64 users as well as in companies with 16,000 users. For both companies, it's working perfectly. It's a very good product.

My environment is based on multiple things. We're using Office 365 in the software-as-a-service mode. We're using Azure infrastructure in the infrastructure-as-a-service mode. We have integrated our Azure Active Directory with multiple third-party solutions such as Oracle Aconex, SAP S4HANA, SAP Ariba, SAP SuccessFactors, and Tejari. Along with this, we're providing authentication services to our third-party or external vendors, contractors, and guest users through Azure Active Directory. It's in hybrid mode. It's in the private cloud, software-as-a-service, and infrastructure-as-a-service environments. There are multiple environments.

Back in 2010 or 2011, when Microsoft launched it initially, it was very good, but since COVID or post-COVID, the quality has reduced significantly. Before COVID, it was very good. We would normally get very good engineers on call. We got support from the European zones, but since COVID, their support services have been significantly compromised. The quality of engineers or the quality of SLAs is not up to the mark. 

I was one of the people here in Pakistan who started the cloud. Microsoft has published three case studies of mine on the cloud during the last ten years. Over the years, I've seen that the overall support model of Microsoft Cloud has been compromised. I'd rate their support a six out of ten. 

Positive

We were using the local Active Directory previously. From day one, we've been die-hard fans of Active Directory. Until 2011 or 2012, we used the local Active Directory that was hosted in my own data center, and now, because we're in a hybrid environment, we're managing local Active Directory, and we're managing Azure Active Directory. We're managing both.

We got Azure Active Directory because we moved to Office 365, public cloud, infrastructure as a service, and software as a service. We needed a single sign-on and integration with some third-party cloud products such as SAP Ariba, SAP SuccessFactors, and Tejari. 

Last month, we did the very first integration in Pakistan with Oracle Aconex. It's one of the biggest engineering document management suites in the world. We integrated Azure Active Directory with EDMS, which was really commendable. It was something that was done for the first time in Pakistan.

We're using Azure Active Directory with Office 365, which is a public cloud. The same Azure Active Directory is integrated with Azure infrastructure's private cloud, so the same Active Directory is serving in multiple scenarios. Through the same Azure Active Directory, we have integrated with the custom applications that are hosted on other public clouds such as Oracle Aconex, SAP S4HANA, SAP Ariba, SAP SuccessFactors, and Tejari. So, we're using it in the hybrid mode to sync our local Active Directory. From that hybrid mode, it's providing authentication to the users for Office 365 and it's providing services for the users who are using Windows virtual desktop. On the other side, for the third party, we're also using Azure Active Directory.

I deployed it myself. The initial setup was complex when we were implementing it around twelve years ago, but now, it's very simple. When we started this journey, it took us six months to integrate our local Active Directory with Azure Active Directory. We worked with three different partners. Two of them failed, and then Microsoft Pakistan got involved with us. Through their Dubai-based partner, we successfully integrated our Azure Active Directory with our local, on-premises Active Directory. We got success with the third partner, but overall, it took us six months. Nowadays, the hybrid configuration and the integration of Azure Active Directory with the local Active Directory is a piece of cake.

In terms of maintenance, because it's software as a service, Microsoft is managing it for us. We don't take any backup, etc. It's just managed by Microsoft.

We got a very good ROI when we compare it with what we were using around ten years ago. It's a much improved and cost-efficient product in terms of cloud provision.

It's pretty good. We're using the native features. It's bundled with our Office 365 licenses. We aren't paying anything extra for Azure Active Directory. It's pretty good for us because it's complementary to Office 365. We're only paying for Office 365.

We checked Google Suite. We checked its identity mechanism, but it was not as per our requirements.

It's a very good product. It's a stable product. I'd highly recommend it.

Overall, I'd rate Azure Active Directory a nine out of ten.

We use Azure AD which enables our customers to remotely access the shared machines within their office, allowing them to work from any location.

Our primary customer transitioned from using a local cluster to utilizing Azure. They initially utilized Hyper-V and have now combined Azure AD with SharePoint Office 365. This new setup has proven to be much more convenient for them compared to their previous local arrangement, which did not work well. With Azure AD, I was able to exert greater control over the content on their machine.

Azure AD saved time for our IT administrators and HR departments, particularly when they need to reset their own passwords or grant permissions to other people within the group by themselves. This saved around 60 hours in total.

Azure AD helped save around 18,000 euros.

Azure AD significantly improved the employee user experience in the company by providing them with enhanced accessibility to their information and facilitating seamless login and logout from their machines while working from home. This is a significant shift from the previous system that relied on a local username and VPN connection and was limited to a fixed cluster.

The most valuable feature is the ease with which a person can log in remotely using only a password or pin without creating a profile or policy.

The permission management is a mess because it is not centralized, especially when we go back from Azure, which is quite big to SharePoint. This is not really well done and has room for improvement.

I would appreciate it if Azure AD could provide an option to simplify its interface by removing unnecessary features for small companies with a maximum of 50 users. This would make it more user-friendly for our customers who find the current interface overwhelming due to its numerous options.

I have been using the solution for almost 12 years.

Azure AD is a stable solution.

Although Azure AD is intended to be scalable, we have not yet verified its scalability by adding more users.

The initial setup is straightforward. The deployment required around six hours. I only had to import to write the existing users into Azure.

The implementation was completed in-house.

The solution can be cheaper.

I evaluated Google Workspace but I prefer Microsoft.

I give the solution a nine out of ten.

The only maintenance required for Azure AD is to modify certain parts on Windows by using policies.

The usefulness of Azure AD depends on several factors such as our intended use, the current system, the number of users, and organizational size. While Azure AD is an excellent choice for larger companies, it may not be beneficial for individuals.

The primary use cases are task tracking and technical documentation, but I'm a project manager, so I also use the product for other jobs.

We have around 15 total users, with a couple of admins.

The boards for task tracking are a valuable feature. 

Azure AD is a turnkey solution; it provides many features for developers to use in one place.

Many of the features are outdated, so the UI and UX could be improved. 

The wiki is hard to use as it's more of a repository for technical information, but when I'm writing a PRD, I need more tools for writing. 

It would be good if the UI were more visually appealing, as it looks dated compared to other products on the market. It works fine for the dev team, but the navigation could be improved, especially for managers.

I've been using the solution for around two years. 

The stability is okay overall. 

The product is highly scalable; it's enormous and has many features.

I previously used a variety of solutions for task management, including Asana, Teamwork from Microsoft, Jira, and so on. 

I wasn't involved in the deployment; the solution was already in place when I arrived. It doesn't require any maintenance that I'm aware of. 

The product is relatively affordable, especially compared to Okta, a pricey solution.

Azure AD helped save my organization money, as it's a turnkey solution for dev management, though I can't say precisely how much as I'm not involved in the financial side.  

I rate the solution six out of ten. 

I don't use Azure AD's Verified ID, but I'm considering an identity management solution. I'm hesitant about which one to choose, and the choice is between a product from Okta and the one from Azure AD.

I use the Permission Management feature, which I look for when choosing an identity management product, but I'm still in the research phase with this feature.

Most of our staff are okay with the quality of the end-user experience within our organization, but it could be more comfortable to use for managers. It's a challenging solution to implement for every department or team because not everyone likes the UX, and it's pretty outdated when it comes to product document writing. I had an unpleasant experience when we had a power cut, and I lost two pages of documentation, as there is no autosave feature. This is important from a manager's perspective but less so for developers.

For those considering the solution, talk to your dev team to determine if it covers their needs. If so, use it, as it has many features and is very scalable.

Azure AD manages the identities of all our employees. 

Azure AD allowed us to get rid of servers and other hardware that run at our offices. We moved everything to the cloud. Once we set up roles and permissions, it's only a matter of adding people and removing people from different groups and letting permissions flow through. 

It also saved us some money. Our IT group is tiny, so any automation we can do is valuable. We haven't had to grow the team beyond three. The employee reaction to Microsoft Entra has been positive. People like to have a single credential for accessing all our Microsoft and non-Microsoft apps.

I like Azure AD's single sign-on and identity federation features. It allows us to issue a single credential to every employee and not worry about managing a lot of passwords. Microsoft Entra provides a single pane of glass for managing user access, and we're pleased with it.

Entra's conditional access feature enables us to set policies up based on the location and risk score of the account and the device they use to access the network. Permission management lets us assign roles for various Azure functions based on functions people perform in the company. It helps us bundle access to different things by associating it with a given role at the company.

I would like to see a better delegation of access. For instance, we want to allow different groups within the company to manage different elements of Azure AD, but I need more granularity in delegating access.

We've been using Azure AD for 10 years.

I rate Azure AD nine out of ten for stability. They've had issues in the past, but it's been quite some time. It has been nearly two years since the last availability problem.

We only have 100 employees at the company, so we're nowhere near the maximum limits. I know of a massive company that adopted Azure AD. I imagine it's scalable well beyond the size of our company.

The support is decent. I always manage to find what I'm looking for. If it's not in the documentation, there are lots of blog posts that third parties have written, and I always seem to find what I need. I rate Microsoft support nine out of ten. 

Positive

We used the on-premises version of Active Directory, but we switched to the cloud to get rid of all of our hardware. We don't run any servers in the officer anymore. 

Setting up Azure AD was straightforward. It's all delivered online, so it's only a matter of filling in the parameters for our organization. After that point, it scales easily.

There's no traditional maintenance. We have to perform audits on accounts to ensure that people and permissions are still online. There isn't product or data maintenance. 

Azure AD is essential to how the business runs. We're only investing more in the whole Microsoft Suite.

We're a Microsoft partner, so we get partner benefits. We pay almost nothing, and it's massively valuable to us.

We didn't look at anything else because we're committed to Office 365, and we need to be on Active Directory for Office 365. It's a well-known, trusted solution so we never did an analysis of alternatives.

I rate Azure Active Directory nine out of ten. I'm sure there are some areas for improvement, but it's extremely valuable to us and the way that we operate.

Since we began to use Active Directory, I've learned a lot about industry best practices, particularly digital identity and its role in zero trust. By using a major mainstream identity provider, we're able to move toward the whole zero-trust model that's popular right now.

If you implement Azure AD, you need to consider the third-party apps you want to integrate. If they support competitors like Okta, Ping, and SailPoint, then they will almost certainly support Azure AD legacy applications. However, older software applications don't integrate well with Azure AD. 

We are a small consultant company, and we help customers to build hybrid environments. We synchronize on-premises AD to Azure AD and help our customers decide which one they want to use.

In our own company, we use Office 365, so we use Activity Directory directly for authentication and authorization.

The most valuable feature is Conditional Access. As there are more and more people working from home, security is a challenge for a lot of companies. To build a general trust solution, we need Conditional Access to make sure the right people use the right device and access the right content.

In our company, we use Conditional Access with Trend to make sure that our employees can use the device from the company. We can make sure that there is higher security. We can also use Trend to set up a group policy and to set up Windows Defender as well.

Microsoft Azure AD is easy to install and is a stable solution.

There is no documentation about how Microsoft will scale Azure AD for customers. It only mentions that it will scale out if you have a lot of requests but does not mention how in detail.

More documentation on some complete scenarios, such as best practices to integrate forests into Azure AD when a customer has several on-premises forests, would be helpful.

I've been using it for four years.

In my experience, it has been working fine.

Scalability is a pain point. There is no documentation about how Microsoft will scale Azure AD for customers. We do, however, plan to increase usage.

We used on-premises Active Directory before using Azure Active Directory.

The initial setup is pretty simple. Microsoft Azure AD can be deployed in one or two minutes.

If you have an Office 365 subscription, Microsoft will build Azure AD for you.

Microsoft Azure AD has P1 or P2 licensing options, and it depends on the customer's needs. To use Conditional Access, you need to have the P1 license, and to use the PIN features, you need the P2 license. We use the P1 license as we use Conditional Access.

It will be a very good solution if your company is already using on-premises Windows Active Directory. Microsoft has provided a useful tool called Azure AD Connect. So, you can easily sync your on-premises Active Directory to Azure Active Directory, and you can easily implement the SSO.

Overall, we are satisfied with the solution and the features provided, and on a scale from one to ten, I would rate this solution at nine.

Our use case for Azure AD is principally to do the role-based access management for our resources. So, we essentially use it for authentication operations for our primary groups and users to secure access to resources.

It has helped in improving our security posture. It is modeled around that. It is an AD, which means it is a directory of users, objects, and resources, and there is a lot of security in terms of the access model and in terms of who is accessing those resources.

In terms of user experience, it is pretty seamless for any user to use Azure Active Directory. The way its security model works is that once you sign in to Azure Active Directory, you get access to a lot of applications and systems that have Single Sign-on enabled. So, Azure Active Directory works seamlessly as an identity provider for many applications such as Slack, GitHub, etc. That's one of the best parts of it. If it is used properly, only by using the Azure Active Directory sign-in, a person can access different resources, which really improves the user experience.

We've benefited from all the security or AD features of this solution. Azure Active Directory is the only directory we've been using, and we make use of pretty much all the features, including the user identity protection features such as MFA. The way it allows us to audit who is logging in and do our work in a secure manner is one of the best features of it.

Azure Active Directory provides access to resources in a very secure manner. We can detect which user is logging in to access resources on the cloud. It gives us a comprehensive audit trace in terms of from where a user signed in and whether a sign-in is a risky sign-in or a normal sign-in. So, there is a lot of security around the access to resources, which helps us in realizing that a particular sign-in is not a normal sign-in. If a sign-in is not normal, Azure Active Directory automatically blocks it for us and sends us an email, and unless we allow that user, he or she won't be able to log in. So, the User Identity Protection feature is the most liked feature for me in Azure Active Directory.

Generally, everything works pretty well, but sometimes, Azure Active Directory has outages on the Microsoft side of things. These outages really have a very big impact on the users, applications, and everything else because they are closely tied to the Azure AD ecosystem. So, whenever there is an outage, it is really difficult because all things start failing. This happens very rarely, but when it happens, there is a big impact.

I've been working as a DevOps engineer for the last four years, and I have been using Azure Active Directory during this time. I got to know it really well over the last two years in my current job and as a part of my Azure Security certification, where I get to know how to secure everything in the cloud by using Azure Active Directory.

It is available most of the time. Only once in the last six months, we faced an issue. So, it is very reliable.

It is managed by Microsoft, so it is not something that is in our hands. We don't manage the infrastructure side and the scalability side.

My present organization is a startup with around a hundred people. There are 5 to 10 people who primarily work in the CloudOps and DevOps space, and we work with Azure Active Directory at some point in time. All people who have resources in Azure, such as the cloud administrators and people from the CloudOps team and the DevOps team, work with Azure AD.

In terms of resources, there are around 100 to 150 resources that we manage within it.

Microsoft has extensive documentation on its website about how to set up things in Azure AD. There are also video tutorials. So, typically, we don't need to engage technical support to do anything.

Only when there is an outage or something like that, we had to engage someone from Microsoft. For example, when there was an outage, we didn't know what was happening. There were some strange behaviors in certain applications, and that's when we involved Microsoft's technical support. 

They are very reliable, and they are very fast to respond. The response time also depends on the support plan that an organization has with Microsoft. 

I haven't used any other Identity Provider solution.

Our organization has definitely seen a return on its investment from using Azure Active Directory. It ties really well with the Azure ecosystem, which is why it makes sense to use Azure Active Directory to access resources.

Azure Active Directory has a very extensive licensing model. Most of the features are available in the free and basic version, and then there are premium P1 and P2 editions. The licensing model is based on how many users you have per month. In Australia, for a P1 license, the cost is 8 dollars.

With P1 and P2 licenses, you get a lot of goodies around the security side of things. For example, User Identity Protection is available only in P2. These are extra features that allow you to have a pretty good security posture, but most of the required things are available in the free and basic version.

I would definitely recommend this solution. I have been using it extensively, and it works really well. It is one of the best Identity Provider solutions out there. You have all the guidance from Microsoft to set things up, and if there is an issue, their technical support is highly available. 

It has been around for a while now, and most organizations leverage Active Directory as their on-premises identity provider. This is just Azure managing your Active Directory for you. It is pretty popular and rock-solid.

I haven't used any other Identity Provider solution, which makes it hard for me to compare it with others. Based on my experience and the things that I have done and learned over time, I would rate Azure Active Directory a nine out of 10.