Microsoft Entra ID Reviews

I have been working with a medication company and we are building an LMS system. We have an older version and we've decided to develop a new version of it. We are building the entire system on the cloud and using new technology.  We started the process on Azure cloud, but we have later plans to try AWS, but for now, we are using Azure Active Directory.

Having access to Azure Active Directory on the cloud gives us speed and use of the latest technology. The application services are very good, such as GitHub.

Azure Active Directory could be made easier to use. We have large amounts of data and storage. We are looking for video files and media content for applications, we will think about options, such as cloud storage or a CDN.

I have been using Azure Active Directory for approximately three years.

I have not found any problems with the stability of Azure Active Directory.

The support for Microsoft is good. We do have a developer support package with them. We create a ticket, they respond back, then there is some back and forth communication. They will have a call with you you and ask for a screenshot of the issue. If you have any issues, they help you. They will follow up with you, the service is not bad. There are times you have to keep following up with them but we were satisfied.

The process of implementing Azure Active Directory is not straightforward. We are currently still setting it up because we are adding more services, setting up the pipelines, and many other things behind the scenes. It's not as simple, it is tough to implement.

The price of Azure Active Directory and Amazon AWS, are almost the same, but most people prefer Amazon AWS because they find it's a little cheaper to some extent and an easier platform to use. 

The prices we pay for the solution can vary because we are adding more services a lot of the time, the price keeps going up and down. The price has been one thousand before but we are still adding more services. The price depends on what services you are using.

We are paying for support to use this solution which is an additional cost.

People have personal preferences in respect to choosing a cloud provider because there are many out there. In terms of support, you have to know exactly what you're looking for and get the pricing figured out. It is important to come up with a proper plan for the implementation.

I rate Azure Active Directory an eight out of ten.

The solution is our main authentication on our authorization platform to get access to our resources.

The solution is deployed on cloud with Microsoft Azure as the provider. We have around 100 people using this solution in my organization. 

We're using the whole suite: device management, user credentials, everything that's possible.

I would not recommend any changes or improvements right now, in terms of the organization. I think something that is key would be the group policies replication over the cloud, in order to prevent or to avoid relying on the on-premise Active Directory servers and to manage group policies.

I have been using this solution for a year.

The solution is stable.

It is scalable.

We have plans to increase usage. We have been increasing over the past year. I believe we started with about 30 people, and now we have almost 100.

We have only contacted technical support once or twice in the last year. They were very simple tasks.

Setup was very simple initially. Deployment took no more than six weeks, and we only needed two people.

We used a partner to help us and guide us on the deployment.

The licensing costs are yearly. There is a standard fee per user.

I would rate this solution 9 out of 10.

With a more complex environment, more complex tools are implemented. My thoughts are that they need to have a right and current inventory of applications that are compatible with single sign-on to properly implement that functionality, for example.

The solution is deployed on a public cloud. We are using Microsoft Azure.

There is on-premises AD and cloud AD. We are able to sync the solution and use the load technology and password management features.

The most valuable features in Active Directory are the password writeback product and the MDM technology.

The on-premises AD comes with a lot of options and group policies. With the group policies, we are using screen saver a lot, and it is messing up Azure AD and isn't working effectively. We are also using MDM technology through Azure. For Android the MDM technology is okay, but it doesn't work properly on iPhones.

When we do a screen share and screenshots, it doesn't work on the iPhone. For Android, it will only work for Outlook, which is provided in the company portal.

I would like to see the group policies on the same platform on cloud.

We have been using this solution for almost two years.

The solution is stable and everything is working. In terms of connecting the web application, there is technology for single sign-on. When we use it, the solution opens very slowly. It might be a bandwidth issue, and some content will not work on that portal.

The solution is scalable. We haven't had any issues.

We have 500 people using this solution in our company. We have increased usage, and we have plans to increase more. 

Technical support is very good. They work quickly to resolve any issues.

We are using an earlier non-premises AD, but we want to move to the cloud setup, which is easier for end users and everyone else due to the pandemic situation.

Setup was straightforward. Implementation took three months.

For the deployment process, we had a technical team of two people who did everything. They are engineers.

We used a consultant for deployment. I think we used a Microsoft partner.

It was a good experience and not very complicated. I think I realized that they are not seeing many implementations. There's a tool in Microsoft Azure called an endpoint security tool, and they don't know how to implement it.

We have a yearly license.

I would rate this solution 9 out of 10.

This product is very nice. It's a legacy application, so the people using it are very familiar with it.

We primarily use the product for the authentication for all of Office 365. It is also my single sign-on solution.

The solution is stable.

It's a very easy product to set up.

The product can scale well.

Technical support has been great.

It's an affordable solution.

The synchronization with my AD is not the best. The synchronization between my AD and Azure AD needs improvement. For example, for reports, et cetera, due to the fact that now I have two different ADs - one for local AD and another for Azure AD, the types of fields in the local AD do not sync with Azure AD. It's completely different.

I've been using the solution for four or five years at this point. 

The product is stable. There are no bugs or glitches. It doesn't crash or freeze. It's reliable. The performance is good. 

The scalability is great. You can expand it as needed. We have about 2,000 users on the product right now. 

We've used technical support in the past. They have always been excellent. We're quite happy with its capabilities. 

Previously, I used Okta. I switched to Azure AD due to the fact that it's part of Office 365. It does not have a cost. It's not exactly free; it's part of the Microsoft bundle.

We found the implementation process to be quite straightforward and simple. It's not overly complex or difficult. 

It's pretty inexpensive to use the product, as it comes with the general Mircosoft bundle. Its costs are baked into using Microsoft in general. It makes it pretty affordable. 

I'm an end-user of the product.

We're always on the latest version of the product. Being on the cloud ensures we are always up-to-date on versions. 

I'd rate the product at an eight out of ten.

We use Azure Active Directory to make the computers have policies that we inspect. This allows us to deploy software and block the CMD from the user. Additionally, we deploy the desktop systems with password policies.

Azure Active Directory has helped the organization maintain the user policies of their computer systems.

Azure Active Directory has useful policy assigning and management.

I had some issues with the Azure Active Directory on Windows XP. However, it worked well on Windows 7.

The password policy that we had in place caused some system lockups.

I have used Azure Active Directory within the last 12 months.

The solution is stable.

Azure Active Directory is easy to scale. You can add new employees, by adding their device to the domain assisting.

We have approximately 300 people using this solution in my organization.

My organization plans to continue to use Azure Active Directory.

The technical support has been helpful.

The installation was simple. I did the flash OS installation, created the role of the Active Directory, and deployed the GPO. The full process of implementation takes approximately one hour and setting the Active Directory domain takes approximately 30 minutes.

I did the implementation of Azure Active Directory.

The company I work for has more than 10 branches, we no longer have to go to the branch outside the city to have the application installed on the user's devices. When you have Active Directory, you only need to connect it to the device and then the information will automatically populate. The process was more automated.

The price of the solution's license is good.

I rate Azure Active Directory an eight of ten.

I am a systems manager. I use Azure Active Directory every day for my support job.

Our authentication tools to single sign-on portals are hosted in different cloud products, like Amazon or GCP. So, we create an enterprise application and Azure Active Directory to give our users for authentication access to various public URLs.

Before Azure Active Directory, it took effort to provide cloud access to on-premises users. With Azure Active Directory and AD Connect, we are able to sync on-prem users to the cloud with minimal effort. We don't have to manage keeping multiple entities for the same user.

The multi-factor authentication (MFA) is one of the best aspects of the product. 

The security features are great. They will report in advance to you in the case of suspicious activity. 

The GUI is pretty enhanced. You can configure applications or do whatever they need to do. 

Azure Active Directory currently supports Linux machines. However, the problem is that you get either full or minimal access. It would be very nice if we could have some granular authorization modules in Azure Active Directory, then we could join it to the Linux machine and get elevated access as required. Right now, it is either full or nothing. I would like that to be improved. 

We have the ability to join Windows VMs to Azure. It would be nice if we could have some user logs, statistics, and monitoring with Azure Active Directory.

When we subscribe to MFA, the users get MFA tokens. However, it is not a straightforward process to embed any of the OTP providers. It would be good if Microsoft started embedding other third-party OTP solutions. That would be a huge enhancement.

I have been using Active Directory for two years.

This product is used every second of every day.

The solution offers nice stability and performance. 

In my organization, there might be as many as 60,000 people who utilize the solution. 

The scalability is awesome. You don't even need to think about scalability because Microsoft manages it.

We use it on a daily basis.

The support could be better. Lately, they sort of dropped off a bit in terms of quality. Recently, Microsoft support has not been doing such a good job. Previously, they used to do a good job.

In the past, AD Connect was not syncing. It threw errors in the beginning. So, I had to call up technical support to solve the problem. At the time, we were satisfied with their assistance.

I am also using AWS.

Azure Active Directory is not an Active Directory product. It is just the application proxy. You need to have an on-prem solution. Azure Active Directory would just be a proxy that uses the on-prem data and hosts the application. It is not a full-scale Active Directory solution. However, it has a lot of enhancements. The traditional on-prem Active Directory hosts the users and computers as well as some additional group objects. 

On the other hand, AWS Active Directory has all the capabilities of the traditional Active Directory with limited access for the administrator. All domain administration and sensitive credentials will be managed by AWS. So, you don't need to worry about application delays or syncing issues.  

The initial setup is simple.

It is pretty easy to set up the product. You subscribe in Azure Active Directory. By default, it will have an extension where you need to register. If you need a custom domain name, then you need to register with your public DNS providers to create the DNS public entry. You will then have to prove that you own the domain name. Once it has been proven, then your Active Directory pretty much works. 

If you need to sync up your on-prem users with the Azure Active Directory, then you need to have an AD Connect server installed at the VM-level domain. It should be credentialed so AD Connect can use credentials to read your on-premises and sync it to the cloud. Once this has been done, you are good to go. As an enhancement, for whatever user you are syncing, you can mandate them by adding them to a group or rolling out an MFA policy.

Since it is pretty straightforward, you just need one person to deploy it.

I implemented it in an hour.

Some maintenance is required. However, it is not on Azure Active Directory's part. Rather, it is for AD Connect. Often, we see that the connection is getting lost or something is not happening. Sometimes, port 443 might not be open from your on-prem Azure Active Directory. In that case, if you haven't implemented it in the beginning, then you need to do this. For a high availability solution, if you find that the machine is having additional issues, then you might need a higher AD Connect device. I would probably also deploy it with a different availability.

The solution has three types of tiers:

1. E1 has very basic features. 
2. You get limited stuff in E2 and cannot have Office 360 associated with it. 
3. E3 is on the costly side and has all the features.
   

If you need to have an Exchange subscription or email functionality, then you need to pay more for that.

We are using both the on-premises version and the SaaS version.

I would advise potential new users to learn a bit about the product before jumping in. If you are new, you need to do background research about Azure Active Directory. You also need to understand its purpose and how you want to leverage it. When you have a draft architecture in place, then you can go ahead and implement this solution. If it needs to be reimplemented, it is just a matter of five minutes.

I would rate the solution as nine out of 10.

We have integrated our internal applications and cloud applications with Azure AD. We also have a few external applications for which we need to implement a self-service portal and handle requests such as password reset.

We have external applications such as Cloudspace, and we have integrated Azure AD with Cloudspace. We mainly use a single sign-on. Our main target is to go through all single sign-on applications and integrate them with Azure AD. We also need to audit everything in Office 365. Our mail system is Office 365, and we also do some auditing.

We are also implementing Intune. We have deployed some basic policies for mobile devices, and we are working on improving those policies. We need to configure conditional access and improve policies for the applications and devices. We are doing some testing, and it is in progress.

In terms of deployment, we have a hybrid deployment of Azure AD. We have the 2019 version of AD on-prem.

We are able to do complete onboarding through AD. The users have access through the AD login, which is synced with Azure AD. We have a hybrid environment, and every cloud application is accessed through AD. We have defined AD policies related to password expiration, limitations, etc. It has provided smoother accessibility.

Previously, when we had on-premise AD, to reset their own passwords, users had to use a VPN or bring their laptop to the office. With self-service, users can easily change their passwords. This reduces the workload for IT support. If their password gets locked, they can unlock it themself by using Azure AD. Previously, it was also difficult to integrate with external applications, but with Azure AD, integration with external applications is easier. 

Azure AD makes it easier to see and monitor everything in terms of access. We can see sign-in logs or audit logs, and we can also integrate devices by using Intune. So, we can manage BYOD devices inside the organization.

We are using Conditional Access, MFA, and AIP. We have integrated it with Intune, and we already have DLPs.

Application integration is easy. MFA and password self-service have reduced most of the supportive work of IT. We use multi-factor authentication. Every access from a user is through multi-factor authentication. There is no legacy authentication. We have blocked legacy authentication methods. For people who use the MDM on mobile, we push our application through Intune. In a hybrid environment, users can work from anywhere. With Intune, we can push policies and secure the data. 

The audit logs are very good for seeing everything.

We started using it at the end of last year.

It is stable. I haven't faced any issues. There could be some issues related to syncing because of on-prem, but overall, it is quite stable.

I don't have much experience with scalability. I only use tier one or Premium P1, and I want to move to Premium P2 that has more security levels and more advantages.

In my previous companies, there were a thousand users. In my current company, we have less than 500 users. It is working fine, and there are no issues.

We plan to expand our usage. If it is possible, we plan to upgrade our subscription to Premium P2. We have introduced it to one or two companies who were looking for such a solution. We have already introduced the Azure AD hybrid platform for companies that had only an on-prem setup.

Sometimes, there are issues, but they are usually because of user mistakes. We are able to fix such issues. We are able to find the issue and do troubleshooting. We are able to find information about what is wrong and how to fix it. 

Their support is okay. They are able to resolve the issue, but sometimes, there is a delay because the ticket goes to the wrong person or the wrong time zone. I would rate them an eight or a nine out of 10.

We have only been using Microsoft solutions.

It is easy to deploy and not complex, but it also depends on your requirements. We have tenants and subscriptions, and we connect AD to Azure AD through Azure AD Connect, and they are periodically synced.

The connectivity took a day or two. It doesn't take long. Sometimes, there could be issues with on-prem because of not having a standardized setup or because of parameter duplication, but after we resolve the issues, it doesn't take long. For its setup, only one person is generally required.

It was implemented by me, and I also had one guy's support. 

Our infrastructure team takes care of the maintenance part. They are taking care of monitoring. If there is an alert or something happens, they take care of it. It doesn't require much maintenance. One person can manage it.

We have been able to achieve our target and requirements for security. After the move to Azure AD, the security level is high. The users have to change passwords and do MFA a few times if something goes wrong, and if they can't, the device is going to block them. Sometimes, users are not happy, but at the organizational level, it is good. It is costly, but the improvement is good in terms of performance and security.

It is a packaged license. We have a Premium P1 subscription of Office 365, and it came with that.

Two or three years ago, we were looking at some open-source solutions.

I would rate Azure Active Directory a nine out of 10.

We are using it for all non-structured data and as an identity manager for all of our accounts. In addition, we use it also to authenticate Google services, because we have Google Workspace for email, and to integrate other tools with our services. We are able to keep it all going, balanced, and synchronized. It's very good. We use it for just about everything that we need to do an identity check on.

We couldn't live without the Active Directory services. It has helped to improve our security posture. We have a lot of users and hardware to manage and we can do that with Active Directory.

The most valuable feature is the ability to deploy and make changes to every workstation that I need to. We use it to control policy and I can apply the right policies to all our 1,500 workstations, notebooks, et cetera.

I have been using the Active Directory solution for three years. I'm responsible for almost all infrastructure services in our organization.

It's pretty stable. In the three years, the service has never been down.

As far as I know, it works for 10,000 and 100,000. It's just difficult to find current information, such as how much hardware and how many licenses we would need to keep it going. But it's scalable and works really well. We can keep adding servers and scale up or out.

We don't have another company that provides support for Active Directory. On my team, there are three people who work with it, and we have about 2,000 users in our company.

To be honest, I can barely navigate Microsoft's support. Microsoft is so well-known and there is so much information to look up on the internet, that we have never come to the point where we have actually had to open an issue with Microsoft's team. We can almost always find out the information that we need by looking it up with Google or in Microsoft's Knowledge Base.

We used to use LDAP, a free tool, but since almost all of our hardware needed integration, we had to move to Active Directory. We couldn't apply the policies that we needed, using open source, and we couldn't keep the integration going the way we needed to.

We are really happy with how the functionality Azure Active Directory gives us. I have a security policy applied to all workstations. Before, all of our users could configure their machines the way they wanted to. As a result, we often had to reconfigure and do other things to them as well because the computers were crashing. We almost don't have to do that anymore.

The trick was to immigrate from LDAP. We had to get all the properties from the files into Active Directory, so it took some time. When we did that, there were some issues with the system and we had to do it manually. It would be nice if they had a service that would make it easier to migrate from LDAP to Active Directory, keeping all of the properties from files and non-structured data as well.

It gives a good return on investment. The amount of first-level support we have had to give internally has dropped a lot since we applied the policies and restricted our users. But our users are now more satisfied because their computers don't have the issues that they had before. Before Active Directory, there were many issues that our users complained about, like worms and malware. We don't have those issues anymore. Even with endpoint protection we had some cases of viruses in our company, but now we don't have them either.

Directly, I couldn't calculate the return on investment, but indirectly we saved by reducing work for our team, and we are keeping our users satisfied.

The process for buying licenses from Microsoft is somewhat messy and really hard to do. We have to talk to someone because it's hard to find out how many licenses we need. If I'm applying for 2,000 users, how many Windows licenses do we need?

They could also charge less for support. You buy the license, but if you want to keep it in good standing, you have to pay for the support, and it is expensive. It's okay to pay for the license itself, but to pay so much for support...

We were thinking about buying another tool, to be capable of managing and keeping all the identities within our organization current. But we had to go straight to Microsoft because there are no other solutions that I know of. By now, almost all organizations are using Windows 10 or 11, and it would be hard to achieve the possibilities that we have with Active Directory if we used another service.

We are integrated with NetApp because we use NetApp storage. It's pretty awesome. We are also integrated with many others, such as our data center hardware with storage from IBM. We're using it for logging switches, as well. It works really well.

My advice to others would be to look at the options and focus on how you can pay less. Do the research so that you buy just the essential licenses to keep it going. If you don't do the sizing well, you can buy more, but it's expensive to keep it going and pay for support.