Microsoft Entra ID Reviews

We have a variety of use cases. The first thing we use it for is Microsoft 365 services. We utilize the single sign-on capability, for use with other SaaS applications. We use MFA, and use it as an identity provider, in general. We make use of the B2B Federation functionality based on Active Directory, as well.

We use a hybrid Azure Active Directory that works in conjunction with our on-premises Active Directory.

Azure AD has security features that have definitely helped to improve our security posture. Our hybrid environment makes it very easy for us to control when we need to integrate with third-party solutions. Normally, we do not allow integration with our on-premises systems and by requiring the third parties to integrate through Azure Active Directory, it gives us an extra layer of security. There is one-way communication from our on-premises Active Directory, which helps to secure our main controllers.

Another thing that we use extensively is conditional access, on top of the Azure Active Directory multi-factor authentication. We are quite happy with the metrics and reports, as well as the logging of risks, such as attempts to sign in from different areas.

So far, we haven't had any incidents. We've seen some attempts to steal our identities or to log in using our credentials but the security provided by this product, including conditional access and MFA, has stopped these attempts. From a security perspective, we are quite happy.

Overall, our security posture has improved, especially when we are talking about MFA. We have MFA deployed on-premises for all of our critical applications. Moving beyond this, to the cloud, I cannot imagine dealing with all of these different SaaS products without having AD or another cloud identity provider in place. We could use a competing product but definitely, we cannot survive solely with our on-premises solution.

This solution has improved our end-user experience, in particular, because of the single sign-on feature. Our users can quite easily begin working. For example, I've worked with other SaaS solutions and one thing that users complain about is the additional steps required for MFA. Some of the non-tech-savvy end-users sometimes struggle, but overall, I would say the experience is quite good.

We are a group of companies and have different Active Directory Forests and domains. Using Azure Active Directory, collaboration is much easier for us because we are able to configure it at the cloud level.

The most valuable feature is its ability to act as an identity provider for other cloud-based, SaaS applications. In our bank, this is the main identity provider for such features. Not on Office 365 applications, but on others like Salesforce.

The B2B Federation functionality is not perfect and could be improved. It is not on the same level that we could have if it were being used on-premises. It offers a different experience, which is a bit complicated and has some additional drawbacks.

The MFA has some limitations compared to the legacy version. We still use our on-premises version because it works with our legacy applications using certain protocols. 

I think that as Microsoft is going to the cloud, they are turning off the on-premises features too quickly because the functionality is not yet at par.

I would like to see more features included, such as some surrounding the lifecycle of licenses, and access management for non-Azure cloud applications

We have been using Azure Active Directory for approximately three years.

Prior to working with this company, I worked for Microsoft and I used Azure Active Directory as a user over a period of four to six years.

I'm pretty happy with the stability of this product. In all of the time that I have used it, I do remember a couple of instances where there was downtime. However, these did not last for a significant length of time.

I can recall that it went down one time, for approximately four hours, in several years. SLAs are definitely met by Microsoft.

Scalability-wise, it works for us. We haven't had any problems and it is quite scalable.

Our company has 4,000 employees, so it isn't very large but so far, so good.

There are two people who are administrators that are involved in the managing and administration of Azure AD. I do not have administrative rights. Rather, I am set up for viewing only. 

In general, I would rate Microsoft support a seven out of ten. Sometimes we needed to speak with different people about the same problem, and each time, we had to describe the situation from scratch.

I have no experience with other B2B Federation solutions, so I can't compare Azure Active Directory in this regard.

Our initial setup was complex in some ways and easier in others. The complexity stemmed from the fact that we are a bank, and the security team chose the most complex deployment. Because the security people chose the most complex options, they are missing things. For example, self-service password reset is not working for us because it's one-direction communication.

In summary, our initial setup was complex because it was chosen as such. Although it is the most secure, we are missing some benefits that we would have if we had chosen a different setup.

The deployment itself was not very long. However, the planning stage was lengthy because of the in-depth discussions with the security team. Overall, the deployment took perhaps two weeks or less.

Our deployment strategy was a rather high-level approach and considered that our primary identity provider is on-premises AD, which means that we were able to take some of the details from there. We did not have to consider everything from scratch. For example, our password hash is one-way, so there are no writebacks. We defined it this way because it's quite secure. Similarly, we needed integration with third parties, such as other cloud providers. This meant that we were not afraid if something is breached because there would be no impact on our Active Directory. The only impact from a problem would be at the Azure Active Directory level.

The cost of Azure AD is one of the biggest benefits, as it is available for use free of charge when you start with Office 365. It comes with the basic version of it and you can move to the more expensive plans with additional features, but these are still very competitive compared to other vendors.

By comparison, other vendors offered an independent MFA product but at quite an expensive price. With Microsoft, it was already included in the price. The bundling approach that Microsoft uses is good; although competitors may offer a more compelling solution, we already have access to the one from Microsoft at no additional cost.

We evaluated some other products from an MFA perspective but I have no hands-on experience with them. I received many good recommendations about both Okta and Ping Identity solutions.

My advice for anybody who is considering Azure Active Directory is that if they are going to use other Microsoft services, like Office 365, then it's no brainer. It's the perfect solution for situations like this.

If you're using a different stack, like Google, and you choose a different cloud provider like Google or Amazon, then if you are using Microsoft, it is still good to use Azure Active Directory. The costs are relatively cheap compared to others.

However, if you're not using Microsoft products, then I would suggest that you could look to other vendors like Okta, for example. I had quite a few good references regarding Okta and the Ping Identity products. Ultimately, you are free to choose but from a cost perspective, Microsoft is great.

I would rate this solution a nine out of ten.

We use  Azure Active Directory to provide all the identity services for all of our applications.

As a company, you want effective identity and access management. You are able to achieve this with Azure Active Directory, you are able to manage everything, such as building user provisioning into third-party applications, or single sign-on, and tools to mitigate threats or risky sign-ins. There are a lot of features that are provided.

The solution has some great features, such as identity governance, and user self-service. The Outlook application is very good and is used by a lot of people even if they are using Google services.

Azure Active Directory could improve by having an authentication service for laptops or desktop computers running Mac and Linux operating systems. They currently have authentication capabilities for Microsoft Windows. Having this capability would benefit people because in today's world everybody is working from the home environment.

I have been using Azure Active Directory within the past 12 months.

The solution is stable. There was one global outage that lasted approximately four hours in the past year.

Microsoft has different kinds of support you can have. If you pay then you will receive premium support which is very good.

I have previously used Google G Suite.

The initial setup is straightforward.

Azure Active Directory is more expensive than Google, but the capabilities they provide are superior.

I have evaluated SalePoint which is another very good product for collaboration that is available on the B2C platform.

The people who are considering Azure Active Directory should look at it as a whole because even if their company is using G Suite, they will still have to go to Office 365 for accounting and finance users who are very familiar with MS Excel and still want to use it. I see most of the companies that are using G Suite will have Office 365 for certain services. There is no need to have two services, a single Office 365 platform will provide all the capabilities needed.

I rate Azure Active Directory a nine out of ten.

I was a consultant. I recently changed my job (seven days ago). Most of my customers did everything in Azure. They used Azure Active Directory Domain Services (AD DS) as well as Active Directory Federation Services (ADFS) to sync a user's profile using AD Connect and a federated model. So, they could access an application on-premises as well as in a cloud. 

I am now a CTO for a big hospital. I manage Azure AD for all hospitals as the CTO. They also use Office 365 across all four of their hospitals. 

The solution is hybrid cloud. We have the Active Directory on-premises and Active Directory Domain services in Azure. This is where I use AD Connect (or sync server) to sync the user's profile.

Azure AD has features that have helped improve security posture. From a security point of view, they integrated with Okta, which is one of the integrations that we used for a customer's use case. From there, their entire security posture is managed and integrated with Azure.

It gave better visibility on our customers' security posture - the way that they configure users, configure their end user computing, and multi-factor authentication. This is where they get better visibility and manageability through this particular solution.

A use case that we did for an end user in a manufacturing organization: We used WVD with biometric authentication because 1,500 processes need to happen in a process. The user didn't want to use a login using their credentials. They wanted to use fingerprinting or tap their ID. That is where we integrated with the authentication. Now, they can process in a couple of hours, and they run those 1,500 processes every day. This changed their login process, which improved the manufacturing process. This helped a lot for their high deployment.

In my current organization, it is connected only for Office 365. We are getting into other services that Azure has to offer, but that has not yet started. The first use case that we are going to do is backup and recovery through Azure AD.

We are trying to do backup for some Tier 1 applications through Commvault. We will use that data to restore within the Azure environment or Azure Virtual Network (VNet), recovering all the applications. We then make sure that we have the capability for recovering those applications end-to-end. This is where Azure AD will play a huge role, so we don't have to come down to on-premises for authentication.

• The authentication process, e.g., multi-factor authentication.
• Directory Domain Services.
• Azure AD Connect (sync services).

The biggest thing is if they could integrate with their IPS/IDS processes as well as have integration with another app, like a third-party application. Varonis was another solution that my customers are trying to integrate with ADFS. For some reason, they were seeing some difficulties with the integration. There is a case open with Microsoft on this particular thing.

The only issue is the OU is not properly synced. Therefore, you have to do a manual sync sometimes or you might lose the connector due to AD Connect or sync servers.

I have been using it for a couple of years.

I haven't seen any major issues. 

We had a customer with roughly around 80,000 users. They had three SMEs or FTEs managing their Active Directory environment or solution.

Maintenance-wise, we need at least two FTEs for backup, making sure that we have the right coverage 24/7.

I think we can add more systems to make sure that we can connect. The documentation provides more detail about the sizing information for OVA files or AD Connect files on the server. So, you have those kinds of capabilities built into the scalability.

Before, we used to manage most technical issues. For example, if there was a critical thing that had to happen, then we would open a case. The support that we used to get from Microsoft was great because we were a Gold partner with Microsoft, so we had good access for the technical team.

We don't use the technical support too much because we have engaged a partner for my current organization. 

The initial setup was so straightforward. The documentation is good. There were no problems deploying it. We did the deployment for one customer in less than an hour. Another customer took some time because it is more like a process for change management. Otherwise, the actual installation, download, and configuration took less than a couple of hours.

My previous company's focus was on how to integrate a customer's Active Directory with Okta, how to integrate it with MFAs, and how to integrate with security IMs.

The deployment was easy to do and integrate with on-premises. So if it was a small- or medium-sized customer, we could bring them into the cloud in no time. Also, we could start looking into other applications that the customer could use: Docker containers or DevOps. This is where we spent most of the time, i.e., with customer design.

Every hospital with Office 365 comes with Active Directory Domain Services so you need to sync all your users. That is how the implementation is done today.

At my previous employer, most of our customers' application deployment used Ruby on Rails in their AWS environment and were looking for an authentication process. So, we installed Active Directory or ADFS in Azure for a specific client. Then, all applications would get authenticated to Azure Active Directory and synced from their on-premises environment. 

There was another client for whom we installed Azure Directory Domain Services, which synced with their on-premises data and federated model so we could get the single sign-on. We then installed Azure VMware Solution in Azure for their expanding or extending their on-premises VMware architecture.

We created a questionnaire where we documented the customer's current environment. For example, customers wanted to sync the amount of users. We then used that questionnaire to take care of the prerequisite before we even started deploying this solution.

The whole deployment process should take less than one FTE.

It provides an organization flexibility to move towards the public cloud, so their workload can be upstream. They can see that they don't have to come down to their on-premises for any authorization authentications. That is where we were seeing more development environments, staging environments, and DevOps environments, as most of our customers were pushing towards the public cloud, which would then be integrated with their Azure Active Directory.

The licensing model is straightforward. I don't think there are any issues with the E3 license or E5 license.

We had a customer with very traditional architecture in AWS. We spun up the ECP instance, then installed and replicated the Active Directory. Other than that, I don't think we had another customer who was going in a different direction.

We have a budget for Q4 2021. By Q1 2022, we are hoping to get one hospital completely in Azure by 2022.

The only way to learn about the value that Azure brings to the table is if a customer can use as an evaluation copy or license. Then, they can integrate and push the development OUs or the test OU to make sure that they can integrate with the MFAs.

I would rate this solution as an eight or nine (out of 10).

The primary use case for Microsoft Entra ID is enterprise or company-wide system management. It allows us to join most systems, regardless of their location, to the active directory of the company's domain. This is particularly useful for managing PCs for remote workers and securing their devices.

Microsoft Entra ID has made managing users easier, as well as sending out policies and implementing restrictions. It simplifies the management of IT infrastructure.

The features I find most valuable are conditional access, privilege management, and dynamic groups. Conditional access allows us to set specific policies for security purposes. Privilege management enables us to assign specific roles to users, such as user administration, without giving everyone admin rights.

Microsoft often changes settings, and many features are scattered. It would be helpful if settings were grouped under a specific category, like authentication, to make it easier for beginners. The platform can be overwhelming for new users, so consistent organization of features is needed.

I have been working with Microsoft Entra ID for a good part of five years, migrating over from when it was previously named Azure Active Directory.

There can be outages or times when the portal is unresponsive, which is why I would rate the stability a seven.

I have not encountered any issues with scalability; it is for everyone. So, the scalability rating is ten out of ten.

I haven't raised any tickets with technical support, as I was part of the Microsoft technical support group.

Positive

No other solutions were used previously.

The initial setup is straightforward due to my experience, however, I would rate it a six or seven out of ten for someone new. Issues arise if users make incorrect choices during the out-of-box experience.

The deployment requires one person to create user profiles and assign relevant permissions, though two to three people may be needed for advanced features.

Business process-wise, Microsoft Entra ID makes managing users and IT infrastructure easier.

The pricing is fair compared to other products, and I would rate it a five out of ten for value for money.

No other solutions were evaluated.

For seamless integrations with other services, Microsoft Entra ID is likely the easiest tool. I would recommend it to others.

I'd rate the solution eight out of ten.

We use Microsoft Entra ID primarily to reconnect all of our Windows laptops. It is our centralized location for access to pretty much anything web-related. Everything you log in is MFA activated. We've worked on conditional access policies in it as well.

Microsoft Entra ID has improved our organization because we now utilize a single source of truth for authentication. We have less management, and I can point everything to Microsoft Entra ID. I have fewer people talking about resetting passwords, the MFA pieces, and more single sign-on.

I'm not attaching or having to authenticate on separate apps, which has greatly benefited us. We are able to route things into Microsoft Entra ID. I create one ID, I create groups that manage the security side of it, we plug that in, and it works great.

The most valuable features of Microsoft Entra ID are the login and the conditional access pieces. The login helps me identify who went where, why, and what problems they may have encountered. The conditional access allows me to control the flow of user access.

The private access is the next big thing for us, and that's one feature I'm going to try in public preview and probably move towards. There is no great solution in the cloud for Conditional Access authentication and RADIUS-type authentication.

I have been using Microsoft Entra ID for four years.

The solution's stability is very good. We've only had one minor outage for a few hours.

The solution's scalability is really good.

The solution's initial setup is fairly straightforward. The biggest issues we had were syncing it to the on-premises Active Directory and doing local things like RADIUS.

We implemented the solution with the help of a consultant named Steeves and Associates, and our experience with them was really good.

We have seen a return on investment with Microsoft Entra ID. The solution has dramatically reduced the amount of time spent on activating accounts. I was the first system administrator at the company, and we've got four now. It's definitely a growing arena, but it's an understanding that I can see that progression. I don't have to teach them all these different things. We just do one thing and move on.

Everything costs money in a tough market. As a nonprofit, we have A5 licenses for nonprofits in education, so we at least have some reduced costs. Looking at Copilot and a bunch of other features that are coming out, we'll have to seriously consider that cost-to-value ratio.

Since we all use Windows laptops, choosing Microsoft Entra ID made sense. I think there's a cohesivity in what Microsoft is trying to do, and Microsoft Entra ID is a very core function of that strategy. It's easier to branch out to other security products, making it easier for us to expand that landscape.

Microsoft Entra provides a single pane of glass for managing user access.

Because of the solution's single pane of glass, we don't have to run around to multiple places, mainly to create or remove accounts. One of our biggest issues, especially in the past few years, is turnover. Removing accounts is a big issue because we don't know where everything lies. Trying to find those little corners where access has been granted and not knowing it for a year or two after the employee has left is a huge security concern for us.

Our HR department doesn't use Microsoft Entra ID yet, but the IT department extensively uses it. It saves all that account creation, and we don't have to run around to different products. The solution has saved our company at least a few hours a week. We can focus on other projects, and I can educate most of my staff who are doing it in other areas.

Microsoft Entra ID has not necessarily helped our organization to save money. As a nonprofit, we didn't have any solutions, so it probably started costing us more. However, I think it's paid off just by this security nature of things and having that single pane of glass.

Overall, I rate Microsoft Entra ID ten out of ten.

We manage local users in the Microsoft Entra ID environment. 

The tool's most valuable features are security and integration with other tenants. 

The product takes at least ten minutes to activate privilege identity management roles. 

I have been using the product for two years. 

The tool's stability is good. 

Microsoft Entra ID's support is good. 

The tool's deployment is easy. However, documentation is not helpful. 

The product is cheap. It is free for our tenant. 

I rate the product a seven out of ten. 

The solution grants users access to various apps built on the portal. 

There was a lot of logic and a lot of improvement overall in terms of improvement. On the user access side, it improves the company a lot, specifically in regard to security. It really does help with access and protection.

My experience so far has been amazing. I'm in the intermediate phase of understanding it. Loading users and creating groups and so forth is very easy. We can also run multifactor authentication.

The dashboard is very good. It's outstanding.

It offers very good support.

The virtual machines you can run through it are great.

We are provided with a single pane of glass for managing user access. It helps provide more insights and creates consistency in the user experience. It works perfectly. Only admins can control access. That makes it safe. If a user requests something, only the admin would be able to assign the permissions.

My assessment of Active Directory's admin center managing all of your identities and access tasks is that it is very effective. 

I do use the verified ID at this time to onboard employees. Onboarding new users is very easy. It's very quick and doesn't affect the users. It's simply sped up the process. It also helps with privacy and control of identity data for remote employees. It's good to have and it assists with security. 

Permission management is quite good. The visibility and control in the clouds are good - at least over Microsoft. 

The product has helped save time for our IT administrators and HR department. It's helped a lot of time. It might save around 70% of our time from an IT admin support perspective.

It's very good at not disrupting the user experience. 

I'm still new to the solution. I need to look at the solution more before commenting on what to enhance. 

I do not need any extra features from my side. 

Having more training would be quite helpful. 

Having a faster interface could be helpful.

I've used the solution for two years. 

The solution is stable. 

We use the solution across multiple locations. We have multiple systems and apps that we built that run through Azure. We have about five people actively using the solution. We only have about seven people in our organization. 

The solution can scale well. I'd rate scalability nine out of ten. 

I've never dealt with technical support. My colleagues have used it and I've heard from another user that the turnaround was almost immediate. My understanding is that it is quite good. 

Positive

We did not previously use a different solution. 

The initial setup was straightforward. It does not require any maintenance. 

I'm not sure if we've saved money specifically using the solution, yet, if that wasn't the case, I'm not sure why we would use it.

We have not evaluated other solutions. 

I'm a customer and end-user.

I don't use the conditional access feature. 

I'd personally recommend the solution to anyone. I'd rate the solution ten out of ten. 

Our primary use cases are to join devices to Azure AD.

Entra ID provides more clarity regarding what's happening in the business. The benefits of using this solution were realized straightaway.

It helped save time for our IT administrators or HR department. Azure ID has positively affected the employee user experience in our organization.

We use features like a single pane of glass for managing user access to a certain degree. The admin center for managing all identity and access tasks is also good.

Moreover, we also use the conditional access feature to enforce fine-tuned and adaptive access controls. Any new user would have to go through the MFA process due to the conditional access policy. So no one gets left out. This is because of the zero-trust strategy for verifying users. 

The biggest benefit of using Azure AD is that it allows us to access the information on-premise servers and also for devices that just joined Azure AD.

In future releases, I would like to see an attack simulator incorporated, especially for some of the business plans.

I've been working with Azure AD for two years.

The initial setup was complex, but we overcame the complexity. 

The pricing is fine. It is what it is. 

Overall, I would rate the solution a nine out of ten.

We use the solution for single sign-on, provisioning, de-provisioning, conditional access, and identity governance.

The access governess feature improves our compliance.

Privilege Identity Management is the most valuable feature.

The licensing and support are expensive and have room for improvement.

I have been using the solution for five years.

I give the stability a nine out of ten.

I give the scalability a nine out of ten.

The support is really good.

Positive

The initial setup was straightforward. The time required for deployment will vary depending on the features that we plan to use. Typically, two to three weeks should be sufficient for deployment.

The implementation was completed in-house.

We have seen a return on investment.

I give the cost a three out of ten. The licensing is expensive.

We evaluated Google Cloud Identity.

I give the solution a nine out of ten.

Two to three engineers are required for the Maintenance. The majority of the maintenance is completed by Microsoft.

I recommend the solution to others.

We deployed the solution across multiple geographical areas.

We use Azure AD which enables our customers to remotely access the shared machines within their office, allowing them to work from any location.

Our primary customer transitioned from using a local cluster to utilizing Azure. They initially utilized Hyper-V and have now combined Azure AD with SharePoint Office 365. This new setup has proven to be much more convenient for them compared to their previous local arrangement, which did not work well. With Azure AD, I was able to exert greater control over the content on their machine.

Azure AD saved time for our IT administrators and HR departments, particularly when they need to reset their own passwords or grant permissions to other people within the group by themselves. This saved around 60 hours in total.

Azure AD helped save around 18,000 euros.

Azure AD significantly improved the employee user experience in the company by providing them with enhanced accessibility to their information and facilitating seamless login and logout from their machines while working from home. This is a significant shift from the previous system that relied on a local username and VPN connection and was limited to a fixed cluster.

The most valuable feature is the ease with which a person can log in remotely using only a password or pin without creating a profile or policy.

The permission management is a mess because it is not centralized, especially when we go back from Azure, which is quite big to SharePoint. This is not really well done and has room for improvement.

I would appreciate it if Azure AD could provide an option to simplify its interface by removing unnecessary features for small companies with a maximum of 50 users. This would make it more user-friendly for our customers who find the current interface overwhelming due to its numerous options.

I have been using the solution for almost 12 years.

Azure AD is a stable solution.

Although Azure AD is intended to be scalable, we have not yet verified its scalability by adding more users.

The initial setup is straightforward. The deployment required around six hours. I only had to import to write the existing users into Azure.

The implementation was completed in-house.

The solution can be cheaper.

I evaluated Google Workspace but I prefer Microsoft.

I give the solution a nine out of ten.

The only maintenance required for Azure AD is to modify certain parts on Windows by using policies.

The usefulness of Azure AD depends on several factors such as our intended use, the current system, the number of users, and organizational size. While Azure AD is an excellent choice for larger companies, it may not be beneficial for individuals.