Microsoft Entra ID Reviews

We use it mainly for our Office 365 files. The integration between the two is interesting. It's been a learning curve.

Overall, it's not a very intuitive solution.

When you have an Office 365 enterprise subscription, it comes with Azure Active Directory. We don't have a subscription to Active Directory, but our Active Directory connector puts our credentials into the Azure Active Directory. On the Office 365 side, we're also in the GCC high 365, so it's a lot more locked down. There are a few things that aren't implemented which make things frustrating. I don't blame the product necessarily, but there are links and things within there that still point back to the .com-side and not the .us-side.

There's a security portal and a compliance portal. They're being maintained, but one's being phased in and the others are being phased out. Things continue to change. I guess that's good, but it's just been a bit of a learning curve.

Our Office 365 subscriptions are tied to our on-prem domain — I have a domain admin there. With our Active Directory connector, our on-prem credentials are being pushed to the cloud. We also have domain credentials in the cloud, but there's no Office subscription tied to it, just to do the administration stuff. I moved my sync credential to have a lot more administrative privileges. Some of the documentation I was reading clearly showed that when you have this particular ability right on the Azure side, and then you have another ability on the Office side, that intuitively, the Microsoft cloud knows to give you certain rights to be able to do stuff. They're just kind of hidden in different places.

Some things are in Exchange, and some things are in the Intune section. We had a few extra light subscriptions that weren't being used, so I gave my microsoft.us admin account a whole other subscription. In the big scheme of things, it's roughly $500 a year additionally — it just seems like a lot. I didn't create a mailbox for that and I was trying to do something in Exchange online and it said I couldn't do it because I didn't have a mailbox.

You can expect a different user experience between on-prem and online. Through this cloud period, we have premiere services, we have a premiere agreement and we had an excellent engineer help us with an exchange upgrade where we needed a server. We needed an OS upgrade and we needed the exchange upgrade on the on-prem hybrid server. We asked this engineer for assistance because my CIO wanted to get rid of the on-prem exchange hybrid server, but everything that I was reading was saying that you needed to keep it as long as you had anything on-prem. We asked the engineer about it and he said, "Yeah, you want to keep that." In his opinion, it was at least going to be two years. So at least I got my CIO to stop talking about that. It's just been an interesting time in this transition between on-prem and in the cloud.

In a secure environment, a lot of this stuff is PowerShell, which is fine. It's a learning curve, but if you don't use it all time, then it's a lot of back and forth with looking at the documentation and looking at other blogs. If you're in a secure environment, the Windows RM (remote management) stuff can be blocked, and that's frustrating, too.

I have been using this solution for roughly five months.

It's definitely both stable and scalable. I used to work in an environment where we had a couple of onsite engineers from Microsoft and I worked on Active Directory — I did that for four years. We did the Active Directory health check, so I actually worked with the engineer for a week and went through our Active Directory. At the time, Microsoft said it was one of the top five most complicated forests out there. We had 150,000 users and 18 domains across the globe supporting the military, so it was pretty big. 

We have experience with their premier support. We have a live audit coming up shortly so we don't have a lot of time to waste, waiting for support to get back to us — unless it's very critical. 

I wasn't involved in the initial setup, so I cannot comment on that. 

We used an integrator, however, we don't speak of his name anymore. 

I think we're on the E3 — I think it was about 35 dollars per user. We may go up to the E5, which includes Project Online and the telecom service in TEAMS. We're in the process of rolling out Office 365 internally. We've had really great feedback that people really like TEAMS and we want to move there. 

We had a roadmap meeting with Microsoft a few months ago. Some of the more accessible types of things were on the roadmap for the first quarter of this year. I know that Microsoft's working hard at listening to their customers, especially through COVID. Collaboration has changed. They also have military folks, that's why they created the GCC High. Once they got into the GCC high, they're like, "Oh, we need to collaborate a little bit more." So they've been pushing a little bit more on integration. We're not going to have that kind of clout where I am, but where I used to work, we would've. 

Overall, I would give Microsoft Azure Active Directory Premium a rating of four out of ten. They could really benefit from some better user-training. 

A lot of our clients basically want to go to the cloud and they don't know how to proceed with doing so. The first thing we recommended is to make sure their identity is in Azure AD as a hybrid approach. We're not getting rid of their on-premises environment, and instead basically, if they're planning to go to Office 365,  they will be able to take advantage of the Azure Active Directory.

Especially nowadays, people are working from home and we have a client that we actually started migrating to Azure Active Directory and moving some of their applications into the cloud. Since COVID struck, and a lot of people are working from home, since the data center's on-premises, it is very hard for them to bring all of their users into VPN and some of them there are outdated and they can't really accommodate the number of users that are working from home.

However, with Azure AD, some of their applications we have in there they can access from anywhere - even from their home basically, as long as they have internet access. Some of the applications we brought into Azure AD include the Windows Virtual Desktop to basically run their application in the cloud. We built a gateway to their own premises data center and they go into the Windows Virtual Desktop and they can authenticate using Azure AD and then they can access their on-premises application. It's basically the transition from being on-site all the time to working from home. It's a smooth transition because of Azure AD.

The solution's ease of use is one of its most valuable features. You can access it anywhere and the integration into existing and some legacy applications is good. You can plug into single sign-on self-service, password reset, or conditional access. If you're inside, you don't need to do multi-factor authentication, MFA's, built-in. 

The licensing could be improved. There are premium one, premium two or P1, P2 licensing right now and a lot of organizations are a little bit confused about the licensing information that they have. They want to know how much they're spending. It's not really clear cut. 

Transitioning to the cloud is very difficult. They need the training to make it easier. They should probably put in more training or even include it on the licensing so that there are people that manage their environment have somewhere to come to learn on their own. Maybe there could be some workshop or training within Azure. 

The solution could offer better notifications. They do upgrades once or twice a year. They need to do a better job of alerting users to the changes that are upcoming - especially on the portal where you manage your users and accounts. There needs to be enough time to showcase the new features so your organization is not surprised or put off by sudden changes. 

I've been at this organization since 2016, and therefore have been working with the solution for four years.

The solution is pretty stable. Once in a while, we get notifications and do a health check if some things are not working or there is some feature or some issue that is acting up. However, that is very seldom.

Scalability is really not a problem. You don't have to really worry about that as it's more of a service. It's not like having your own AD that you need to span the main controllers or to purchase hardware. Scalability from 250 users all the way up to a hundred thousand users can be accommodated easily.

Technical support can be hit and miss sometimes. You get like a first-year technician and you don't get the right person. It gets bounced around and eventually, it's either we fix it or somebody's smart enough to know what the issue is. If I was going to rate it from one to 10, say 10 is the best and one is worst, I'd rate it at 7.5 or so.

We've been doing implementations for a while now so for us the initial setup is straightforward. It becomes complex if a company is coming from a complex environment in the beginning, however, nowadays it's straightforward.

While planning, the first thing we do is an assessment and then we go to the design phase from the assessment on what the company has. Then, from the design phase, we designed the Azure infrastructure and do the implementation. The first thing is, of course, the identity. In general, deployment takes two or sometimes three months.

The initial investment is high due to the migration if you have a legacy environment like an on-premise Active Directory. However, after that initial investment, you're just paying for the license to hold your information and that has your Active Directory. There's a return on investment probably after few months. In that time, you'll get your money spent back due to the fact that you don't have to purchase a lot of hardware initially. The initial investment is really only to migrate your information or your data. That's where there are costs for a company usually.

It's offered as a service. We're using the latest version. We use it with various versions of the cloud (public, private, cloud). That said, a lot of the time the organization also has already some Active Directory on-premises, and that is something that we help out with in terms of bringing them to the cloud, to the Azure Active Directory.

I'd advise new users not to be afraid to go to the cloud. The cloud has a lot of benefits, including software as a service, SaaS applications. You don't have to worry about hardware updates, or maintaining a license for different applications. Just go start small. If you're worried, start as a hybrid, which is most of the time maybe 80%, 90%. You can go from lift and shift to Azure Active Directory. If you're a new company, just go right to the cloud. It's easy. You don't have the legacy infrastructure to worry about.

Going to the cloud is as secure as ever. I feel a lot of organizations when you go to the cloud, especially Azure Active Directory, think you're sharing a piece of a rack due to the fact that it's in the cloud with Azure companies. It is a bit more complicated than that. However, the security is there. Azure Active Directory and going into the cloud has been around for 13 years. It's no longer a new or scary subject.

Overall, I would rate the solution at a nine out of ten. If they fixed little things like notifications and licensing issues, I would give them a perfect score.

Microsoft Entra ID has made our organization more secure. 

The tool's most valuable feature is conditional access. 

The product needs to improve its support.

I have been working with the product for five years. 

Microsoft Entra ID is stable. 

The product needs to improve support. There are many steps before you get to someone who can solve the issues. 

Neutral

Microsoft Entra ID's deployment is easy. 

Microsoft Entra ID helps save money since you don't need a second MFA solution. I rate it a nine out of ten. 

We use the solution for single sign-on. 

The product is easy to use. 

Microsoft Entra ID should improve workload identities. It should set conditional access. 

I have been using the product for six years. 

My company has 5000 end users. I rate the product's scalability a nine out of ten. 

The tool's support is not good. However, the documentation is good. 

Negative

The tool's deployment is easy. 

We relied on two resources for deployment. 

I have seen ROI with the tool's use. 

The solution was fairly priced the last time I checked the costs. 

Microsoft Entra ID has helped us save money. It also helped us save 70 percent of the time. I rate it a nine out of ten. 

It gives us security when integrating all the Active Directories of all our branches together, giving us a centralized database and authentication.

It has helped save time for our IT administrators. It's seamless for the users because they simply log into the stations, but it's affecting the response time and efficiency of the IT team.

Active Directory itself is the best feature it has. It also gives us a single pane of glass for managing user access.

I have been working with Azure Active Directory for almost a year.

So far, it has been a stable solution.

It is scalable.

We did not have a previous solution.

I am working right now on whether we have seen ROI from the solution.

We are always looking for better pricing. Our agreement is on a monthly basis.

We're planning to use conditional access to access controls, but we have not done so in the meantime.

The solution doesn't require much maintenance; we're talking about two or three people.

When we access the API, we use Microsoft Authenticator. Something with potential will be saved, and if the company has some use cases to connect to some database, I will use it as well, or something along those lines.

Normally, because a third party requires it.

It provides you with security. It provides the third party with some level of security.

But vendors like myself do not appreciate it.

The most valuable feature of this solution is that is easy to use.

It is also automated.

I believe it can also be integrated into other Microsoft products, as well as more integrations with other solutions.

I have been working with Microsoft Authenticator for two years.

I am working with the most recent version.

Microsoft Authenticator is quite stable.

I would rate the stability of Microsoft Authenticator a ten out of ten.

Microsoft Authenticator is a scalable solution. 

I would rate the scalability of Microsoft Authenticator an eight out of ten.

As far as I know, we have more than 30 users in our organization. Some are senior professionals and some are developers.

I have never dealt with technical support.

I use UiPath as well as Automation Anywhere.

I started with Authenticator and then moved on to the Namespace version or class that I can import from Microsoft.

I would rate the initial setup a ten out of ten.

It was easy.

It only took a few hours to deploy.

It's an out-of-the-box deployment, but I am not the one who manages it.

One person was involved in the deployment.

I would recommend this solution to others who are interested in using it. It is easy to use and it fits its purpose.

Because it is scalable and reliable, I would rate Microsoft Authenticator an eight out of ten.

We had the need to integrate the solution that we had on-premise and the email-based identities, so we looked for a solution from the same provider that could establish us and provide a synchronized identity (what we know today as SSO) in our resources and thus be able to log in with the same identities we had on-premise and in the cloud. 

We wanted to take advantage of that synchronized identity quickly, simply, and safely. It was important to understand that users today want to have a single password for all resources, be they applications, or devices, in order to help them so that they are not constantly learning different credentials and can thus be faster and more efficient when establishing a single login.

It has given us the ability to be able to establish single sign-on identities in which we can establish credentials no matter where we are, whether it is on-premises or in the cloud, in a hybrid cloud, or in an additional connection from another cloud where we share equipment or host. 

Additionally, we enabled more protection functions so that it is well protected even though it is a single credential for each environment and established for any environment it could be safely protected.

Its most outstanding feature is the ability to integrate, segment, establish, add and configure an identity for multiple domains in different regions, locations, or types of clouds. It is one of the hybrid solutions that can be used the most to establish an entity configuration in multiple environments. It is a tool that has given us the ability to establish identity security issues to share and perimeter segment the security of an organization, a domain, and multiple clouds in a fast, simple, and well-established way, which has allowed us to be more efficient.

I want to see new functionalities for the active directory. I would like to be able to establish that when you log into computers locally, it is installed on a laptop and you can enable the MFA feature that is currently not available for local computers or Windows on-or off-premise - thus being one of the characteristics that can give greater added value to information security issues. 

If this feature was available on computers, it would help us in the future to avoid security breaches, information loss, or data backup vulnerabilities. In many cases, this could generate a complication. However, we always want to innovate, and the Innovation part is always to ensure that any place, device, or management that we are going to establish at the computational level is 100% secure.

We've used the solution for one year and two months.

This solution is useful for user management because it is integrated with DNS.

The solution is deployed on cloud and on-premises. We're using the latest version.

We have about 200-250 users. All of our users have local and Active Directory. We don't have plans to increase usage.

It's user friendly.

The solution could be cheaper.

We have been using this solution for about five years.

It's stable.

The solution is scalable.

Technical support is good.

Installation is straightforward. It only took a couple of hours to set everything up.

We pay a yearly license. Licenses are very expensive.