Microsoft Identity Manager Reviews

There have been only two, maybe three projects related to this product. The challenge with obtaining information about these projects is that we focused mainly on designing the solution. 

The customers did not want continuous involvement in the operations because they couldn't see immediate results. So, we started with initial contact and face-to-face interviews to understand the organization's structure. Then, we began integrating the solution, including the site-based aspects and the schema for the metadata directory, which is essential for working with other components. 

However, the time spent designing and integrating the identity solution is a challenge. The deployment process is not quick. In the best-case scenario, it may take around six months before you see some tangible results at the beginning of the implementation of the identity solution.

The concept is primarily for the people in the business. In business, you can discuss how integrating all the services and resources within the company can bring numerous benefits. It involves having an integrated persona in the organization, not just in technology but throughout the company, including resources, printing, Salesforce, and office.

The problem lies in how to convey these ideas within each department. For example, the technology department might say, "No, this is an accounting problem because it's related to the accounting system." And the same goes for other departments like human resources. These are the kind of challenges we face when trying to integrate all the components within the company. We need to communicate with individuals about the benefits of identity, which are clear to project managers. We have executive support internally, but the challenge lies with the employees who don't see the benefits because they might be long-term or not immediately apparent.

I always appreciate products that provide technical information. It would be helpful to understand what's happening behind the scenes, such as log information. It doesn't need to be extensive, but it should show the process and provide insights. For example, in any Identity Manager software, having a console that displays the ongoing process helps identify any issues. Once you stop the process, you can refer to the problem and determine which system it's related to. This is very useful.

In the case of Microsoft Identity Manager, it would be beneficial to have a similar process where each stage of the process is clearly documented. For example, if there's a problem with communication between the identity manager and the human resource services when requesting a new account or adding a profile, having visibility into the systems involved helps identify the root cause. It could be a problem with the sales system, even if the product itself is not the Active Directory server solution. Understanding the connection and how to resolve the issue is crucial.

It takes a considerable amount of time to reach the right person and truly understand the problem. Especially in different regions, the problem may appear different but actually be related to another underlying issue. Support personnel with experience can identify such cases and provide effective solutions, but it can be time-consuming to reach these individuals, sometimes taking two or three hours on the phone. This can be challenging when the issue is affecting production. Reaching out to the support can be complex. For example, when dealing with Active Directory, there are ways to gather information and create reports, but they may not always be effective in certain scenarios. You often need to gather information from different sources, compile it into a document, and explain the problem, its identification, the solution, and so on. It's an ongoing process with multiple steps.

The setup was difficult. The deployment process is not quick. This is the case not just with identity solutions from Microsoft but also in general. There haven't been many implementations or opportunities for identity solutions in Mexico. The projects haven't been successful as they want to see quick resolution and benefits from the solution. Implementing identity solutions involves understanding the organization, integrating various systems, validating security components, and addressing other challenges.  People often feel frustrated because it takes a significant amount of time during the planning phase. There are no significant issues. The main problem with Microsoft Identity Manager is related to identity requests or similar matters.

Moreover, maintenance depends on how the project is initiated because I don't provide extensive support after the implementation. But initially, around five individuals are involved in a company with items, persons, and employees. In the beginning, there were only five products published in the shopping cart, and users can request services or access to systems such as accounting or similar programs. I don't recall the other programs, but there were only five initially. The problem arises when it comes to budget constraints. We publish five products internally and integrate with three systems—human resources, accounting, and IP directory— but there are more systems in existence. We try to create and extend the solution, but the customer needs to assign dedicated personnel to ensure the continuity and smooth operation of the solution. This becomes problematic because they usually reach out to us when they encounter issues like communication problems or misconfigurations. Maintenance or system upgrades are not the primary reasons for their calls.

I have experience with Microsoft Identity Manager as well as the Identity Manager from Quest Software, which was previously owned by VMware.

Overall, I would rate the solution an eight out of ten. However, my experience is based on the planning stage because we haven't had the opportunity to implement it.

We use the product for identity management. It stores organizational data, including contracts we generate using Active Directory.

The product’s most valuable feature is stability.

Microsoft Identity Manager could be more intuitive in terms of interface. Also, the product’s life cycle is very short. It is going to expire soon. It becomes tough to manage projects in this case.

We have been using Microsoft Identity Manager since 2016.

It is a stable product.

It is a scalable product.

The technical support services are average. They should improve the response time.

Neutral

The initial setup is complicated. It doesn’t have a modern GUI, making the process difficult. It takes one and a half years to complete. It requires one executive for maintenance.

I rate Microsoft Identity Manager a six out of ten.

Our primary use case for the solution is ID provisioning. We use it to manage the entire life cycle of an employee from their entrance to exit from the organization, which includes credential management and passport management.

What makes this solution attractive is the licensing model. Microsoft Identity Manager is included in premium versions of Azure AD and in enterprise agreements such as E3. This makes the solution very attractive to many of our clients who are subscribed to those products.

The governance reporting of the solution can be improved, as it can be difficult to get good, intelligible reports.
Microsoft could implement an API of some sort to allow report customization or some form of SQL model, to further customize modules and improve the reporting. That would be a major improvement to the product.

The solution is stable. 

As long as the right infrastructure is provided the solution is scalable.
I think any organization can use it. 

From my view, Microsoft doesn't invest much in this product and it can take a while to resolve any issues. 

Neutral

The setup is not difficult, although in my experience sometimes I ran into situations where I had to deal with a number of bugs. With five being difficult and one being easy, I would rate this solution a two point five in terms of setup, configuration, and implementation difficulty. The solution requires patching or tweaking right away, and configuration requires some level of experience.

The solution is included in the Microsoft E3 license and premium subscriptions of Azure AD.

In my view, this solution is more appropriate for organizations that have legacy applications, separate identity stores, as well as an active directory.

I rate this solution a six out of ten.

I'm currently evaluating SailPoint and I'm very interested in it. I expect they have a long-term vision for identity and access governance that Microsoft doesn't have. I expect richer support and an easier approach to implementation compared to MIM.

We work with Microsoft Active Directory, Azure Active Directory, and Microsoft Services as an identity and access management system. This solution provides privileged identity management single sign-on, so we're focusing on that.

This is an all-encompassing product. The features that we find most valuable are security, mobility, and Single Sign-On.

They have to improve the User Entity and Behavioral Analysis. They have all of these features, scattered around in different components. For example, if a user logs into a computer, from that point the behavior is not completely monitored. Windows Defender is monitoring the action, but if you go into the website, the solution is not capable of understanding it. Therefore, in the case of a user browsing a malicious website, there is no way to identify it.

There should be a way to create a profile for each and every employee. For example, if an employee is searching websites for a job then the organization should be able to identify that and recognize that he's going to leave the company soon. Or, if the user is trying to access a confidential document then that identity should be tagged as a malicious user. You should be able to create metrics or risk levels for a particular user.

Generally, the security features need to be improved so that they do not have to rely on other solutions. Importantly, browser behavior should be integrated. Properties such as what department an employee is in, and what resources they access, as well as the relevant correlations, should all be determined and stored.

This is a stable product that is continuously improving.

It is scalable to any extent, so it is not an issue for this solution.

There are approximately three hundred users, which are employees. Six of them are administrators, and perhaps another ten of them are privileged users who have access to various components of the system.

I would rate the technical support a seven out of ten.

There are different service levels. For example, an enterprise customer will probably have a special service level agreement, but for SMBs, the level is different. So in that, not all customers are treated equally.

The initial setup is simple because a lot of the configuration comes from the on-premises Active Directory. It connects to various other components. If your device has to be enrolled then it is a bit complex, and you need expertise on that.

Our implementation was handled by a Microsoft partner.

I strongly recommend this solution. It encompasses the cloud, on-premises applications, mobility, and on-premises users. The modern enterprise encrypted license is one of the best solutions to go for because of the mobility and security for the workforce, as well as for the company.

I would rate this solution an eight out of ten.

We are currently using this solution, and we are also a partner. We have implemented it in different sectors for different use cases. For example, we have implemented it in the financial sector to synchronize and automate lifecycle management. We have also done deployments to only provide self-service for resetting passwords. We also have many deployments related to lifecycle management in schools and the education sector.

It is one of the easiest products to implement, which is one of the main advantages. The integration is easy. Unlike other products, it is not complicated to integrate.

It requires a lot of improvements. Microsoft is killing this product and migrating some of the features to Azure AD. The last version of this solution was 2016. If it is going to stay and integrate with Azure AD, its integration needs to be worked on in terms of connectors, etc. It doesn't seem that they are improving it alone. Microsoft wants to integrate it with Azure AD, but the integration is still not complete. 

Their support is bad, and it should be improved.

I have been using this solution since 2006, but it had a different name at that time. 

It is stable.

It is not scalable. Once you have more than 100K users, it is not scalable. It can't scale and perform at that level.

Their support is bad. I would rate them one out of five.

Its setup is straightforward.

It is easy to implement and integrate, but I would advise keeping it in the scope of only synchronization and not governance. That's because it lacks governance features.

I would rate it a seven out of 10.

Our primary use case for this solution is to secure the identity of our customer. It is required for compliance and for making our systems very secure.

This solution helps in that it adds to our security.

The most valuable feature is that it provides protection for our company documents.

This product integrates with our SharePoint Global Portal.

This product was only launched two or three years ago, and it is still in the process of becoming stable.

We have to make use of the current feature set before looking for new features.

This product was launched two to three years back and it is becoming stable.

The technical support for this solution is ok.

We began using this product because we moved to the cloud. Earlier, we were using on-premise systems and at that time, this kind of security was not needed as much. 

The initial setup was straightforward.

We used a consultant for the deployment of this solution and our experience was ok.

We are not looking specifically for ROI with this product. Rather, it is used for compliance.

I would recommend this product to a colleague at another company.

I would rate this solution a nine out of ten.

The most valuable feature of the solution is the fact that I can use it to track who is sending which email, who is accessing which documents or which files, etc. These tools help me improve security within the enterprise environment.

Support needs improvement. It is very easy to get somebody to help with the implementation of the Microsoft product itself, but when it comes to support it's a challenge as an IT team. You have to tell people, "Well we need to get back to Microsoft" and that can take forever.

Sometimes the waiting process really gets you stuck. If you have deployed a feature in your environment and you're using it and you cannot get the necessary support to be able to get back aspects of it, then it's as if Microsoft has whet our appetite, but then we can't use it any more. It's frustrating for everyone.

I want to be able to have access to somebody from Microsoft to be able to help me when I have challenges.

We have a lot of end users and a few admins. Right now, we have about 180 users on the solution.

On a scale of one to ten, I'd put technical support at seven. There's a lot of room for improvement. What really has helped us is the reviews that are put out by other admins who have been able to resolve the same problems. You can find an identical problem and see its resolution. If you are able to access those reviews, it helps you to navigate and try to solve your problems. That's what helps a lot of the time, as opposed to speaking with an actual person from technical support.

The difficulty of the initial setup is always different. It depends on which application you deploy. Some are complex, some are straightforward. If you're deploying Microsoft XG, it's quite straight forward. If you're deploying something like MGM it's a little more confusing, and you always need somebody to help you to be able to do that. SharePoint is also a little bit confusing to handle. 

Likewise Identity Manager looks a little more confusing in terms of its implementation process. There are other products from Microsoft that are more straightforward to implement or deploy, however.

Over the years Microsoft has improved a lot. We don't have problems like we used to have in previous versions. There's still more room for improvement, however. They have begun listening to their customers, and they are bringing out features that customers are asking for and if I can get that from an OEM it gives me the assurance that everyone is being taken care of.

I would recommend the solution, however if a person is considering implementing it, they need to have a plan. Otherwise, they might start off and only after realize that there are options that weren't implemented well. It's good to always have a plan of what you want to implement something new. Review it and let your team query it, so you know exactly what you are deploying. 

I would rate the solution eight out of ten.