Regional IT Infrastructure Manager at a retailer with 5,001-10,000 employees
Real User
Top 20
2024-09-19T06:36:00Z
Sep 19, 2024
The challenges everyone now has in mind is how to really migrate fully to the cloud. Many companies face both technical and cost-related challenges when moving from on-premise Active Directory to Microsoft Intra. Additionally, not all features available on-premises, such as the RADIUS server, are available in the cloud, necessitating alternative solutions. Moreover, the cost of migrating to the cloud is a significant hurdle due to the yearly subscription fees.
Senior Technical Project Lead at a computer software company with 51-200 employees
Real User
Top 20
2024-06-12T11:38:00Z
Jun 12, 2024
I expect additional features like maximizing user flow, improving the branding of the UI, and enabling non-interactive login. Customizing the login page is limited to changing the background and logo, and adding terms and conditions during registration requires JavaScript.
Most of the features of the product are not implemented in our company because every employee is involved in their own research and development activities. Microsoft Active Directory restricts most of the features our company's employees want to use since they are involved in research and development activities. The tool should not restrict functions or features for users, and it can be considered as an area for improvement.
I feel that Microsoft Active Directory is a superior solution to the other products available in the market. Microsoft Active Directory fails to provide MFA. MFA, which is also known as multi-factor authentication on top of the password and username, is what I would like to see in the product's future releases.
Learn what your peers think about Microsoft Active Directory. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
The cloud service of Microsoft Active Directory is an area with certain shortcomings that need improvement. Microsoft Active Directory's stability can be improved.
Typically, it depends on the customer's situation. If the customer operates in smaller locations where most PCs are in a common location, we usually aim to consolidate the directory infrastructure for easier maintenance. However, for distributed setups spanning multiple countries, configuring multiple sites becomes necessary and more intricate to handle. Our objective is to minimize the number of sites, simplifying operations for IT administrators and reducing errors. Mistakes in Active Directory can be costly for organizations, as disruptions can occur rapidly. Moreover, when it comes to hybrid single sign-on across various applications, Microsoft hasn't put forth significant effort. Single sign-on has become a challenge for many customers who utilize diverse solutions beyond Microsoft products. While implementing single sign-on is relatively straightforward in the Azure cloud, it's considerably more complex when dealing with the local Active Directory. This presents a big challenge for many of our customers.
The product must provide remote password reset features. Users would want to reset their passwords wherever they are. We've never really had a simple solution where resets could be done remotely other than using third-party applications. We've had to create a third-party application for password resets. The cloud-based solution was not so easy to deploy. The product should improve Active Directory replication into the cloud. The setup is not seamless. If we set up an AD on-prem and want to deploy it in the cloud, the synchronization setup is not very easy. The product should improve the synchronization between on-prem and cloud servers. The setup is quite complex. It would be helpful to set up a cloud server and link it to the same domain. The active directory synchronization must be instant. It would be a great improvement if the process were automated. If I go into the cloud and set up a new Active Directory server, and link it to a specific domain, the synchronization should be the way it is on-prem. When I set up a new server on-prem and connect it to the domain, all the users move immediately.
Most of the features which are required for the active directory are already introduced into the Azure Active Directory. If you are using the Active Directory, the main concern is that the policy is restricted to the specific local area network. The users may not be in that specific local area network, like the office network, and won't get the updates and new policies. However, upgrading is not easy because it has to come in a hierarchy from top to bottom. If you are a global administrator and have limited rights, it might be difficult as you are responsible for the whole entity.
The user interface is not friendly for a regular user. Configuration is more complicated than it needs to be. It normally requires an expert technician and deployment takes two to three weeks.
Lead Desktop Support Technician at a healthcare company with 10,001+ employees
Real User
Top 20
2023-01-19T19:11:43Z
Jan 19, 2023
There has been a change in the layout of the user information. Previously, I had to go to properties to view the information, but now it is displayed directly below the search results. It takes some time to get used to.
I would like to see the integration with Mac and IOS products improved. I would also like to have some similar functionalities in the on-premise solution that they have on the cloud solution.
The product could be improved in the area of security. For example, they can release a patch every week or every month and release the security patches.
Senior Systems Engineer at Virtual IT Group - Australia
Real User
2022-09-29T15:26:26Z
Sep 29, 2022
The interface for logs should be user-friendly and allow for enhanced filtering to drill down to incidents. It is time consuming to get a clear picture and review deviations in conditional policies because you have to check each and every log to find information on malicious attacks, a compromised end-user's account, or phishing emails. The logs for sign-ins and auditing should be available for more than a 30-90 day window. Most logs are displayed in UTC but it would be helpful to include time conversions for tenant regions. Currently, we must do time conversions manually before we contact users to share information and troubleshoot issues.
Active Directory stores information about objects on the network and makes this information easy for administrators and users to find and use. Active Directory uses a structured data store as the basis for a logical, hierarchical organization of directory information.
This data store, also known as the directory, contains information about Active Directory objects. These objects typically include shared resources such as servers, volumes, printers, and the network user and computer...
The challenges everyone now has in mind is how to really migrate fully to the cloud. Many companies face both technical and cost-related challenges when moving from on-premise Active Directory to Microsoft Intra. Additionally, not all features available on-premises, such as the RADIUS server, are available in the cloud, necessitating alternative solutions. Moreover, the cost of migrating to the cloud is a significant hurdle due to the yearly subscription fees.
The solution should maintain the infrastructure according to the period you are in and the security changes.
I expect additional features like maximizing user flow, improving the branding of the UI, and enabling non-interactive login. Customizing the login page is limited to changing the background and logo, and adding terms and conditions during registration requires JavaScript.
The solution could be made more safe by using authentication mechanisms. We often have to deal with security issues.
Most of the features of the product are not implemented in our company because every employee is involved in their own research and development activities. Microsoft Active Directory restricts most of the features our company's employees want to use since they are involved in research and development activities. The tool should not restrict functions or features for users, and it can be considered as an area for improvement.
I feel that Microsoft Active Directory is a superior solution to the other products available in the market. Microsoft Active Directory fails to provide MFA. MFA, which is also known as multi-factor authentication on top of the password and username, is what I would like to see in the product's future releases.
The cloud service of Microsoft Active Directory is an area with certain shortcomings that need improvement. Microsoft Active Directory's stability can be improved.
I would like to see more integration with cloud-based applications. This would make it easier to manage users and devices across multiple platforms.
Typically, it depends on the customer's situation. If the customer operates in smaller locations where most PCs are in a common location, we usually aim to consolidate the directory infrastructure for easier maintenance. However, for distributed setups spanning multiple countries, configuring multiple sites becomes necessary and more intricate to handle. Our objective is to minimize the number of sites, simplifying operations for IT administrators and reducing errors. Mistakes in Active Directory can be costly for organizations, as disruptions can occur rapidly. Moreover, when it comes to hybrid single sign-on across various applications, Microsoft hasn't put forth significant effort. Single sign-on has become a challenge for many customers who utilize diverse solutions beyond Microsoft products. While implementing single sign-on is relatively straightforward in the Azure cloud, it's considerably more complex when dealing with the local Active Directory. This presents a big challenge for many of our customers.
There is room for improvement in the support. For many use cases, we get good support; for some, we don't.
The product must provide remote password reset features. Users would want to reset their passwords wherever they are. We've never really had a simple solution where resets could be done remotely other than using third-party applications. We've had to create a third-party application for password resets. The cloud-based solution was not so easy to deploy. The product should improve Active Directory replication into the cloud. The setup is not seamless. If we set up an AD on-prem and want to deploy it in the cloud, the synchronization setup is not very easy. The product should improve the synchronization between on-prem and cloud servers. The setup is quite complex. It would be helpful to set up a cloud server and link it to the same domain. The active directory synchronization must be instant. It would be a great improvement if the process were automated. If I go into the cloud and set up a new Active Directory server, and link it to a specific domain, the synchronization should be the way it is on-prem. When I set up a new server on-prem and connect it to the domain, all the users move immediately.
Most of the features which are required for the active directory are already introduced into the Azure Active Directory. If you are using the Active Directory, the main concern is that the policy is restricted to the specific local area network. The users may not be in that specific local area network, like the office network, and won't get the updates and new policies. However, upgrading is not easy because it has to come in a hierarchy from top to bottom. If you are a global administrator and have limited rights, it might be difficult as you are responsible for the whole entity.
The product's premium support services are expensive. It could be better.
The scalability of the solution needs improvement.
The solution is complicated to navigate. We encounter issues while changing the settings. They should improve these particular features.
It could be more stable.
We've found Active Directory difficult to restore. I'd also like to see more structure in the cloud version.
They should improve the solution's old computer cleanup tool.
The DNS services could improve in Microsoft Active Directory.
The user interface is not friendly for a regular user. Configuration is more complicated than it needs to be. It normally requires an expert technician and deployment takes two to three weeks.
There has been a change in the layout of the user information. Previously, I had to go to properties to view the information, but now it is displayed directly below the search results. It takes some time to get used to.
There is room for improvement. Microsoft is always working to improve their solutions and features.
Microsoft Active Directory could improve by having better integration with other solutions.
I would like to see the integration with Mac and IOS products improved. I would also like to have some similar functionalities in the on-premise solution that they have on the cloud solution.
The product could be improved in the area of security. For example, they can release a patch every week or every month and release the security patches.
The interface for logs should be user-friendly and allow for enhanced filtering to drill down to incidents. It is time consuming to get a clear picture and review deviations in conditional policies because you have to check each and every log to find information on malicious attacks, a compromised end-user's account, or phishing emails. The logs for sign-ins and auditing should be available for more than a 30-90 day window. Most logs are displayed in UTC but it would be helpful to include time conversions for tenant regions. Currently, we must do time conversions manually before we contact users to share information and troubleshoot issues.
The interface hasn't changed much over the years. It's suitable for my tastes, but that doesn't mean everybody likes it.