Coming October 25: PeerSpot Awards will be announced! Learn more

Azure Active Directory (Azure AD) OverviewUNIXBusinessApplication

Azure Active Directory (Azure AD) is #1 ranked solution in top Single Sign-On (SSO) tools, top Identity and Access Management as a Service providers, and top Access Management tools. PeerSpot users give Azure Active Directory (Azure AD) an average rating of 8.8 out of 10. Azure Active Directory (Azure AD) is most commonly compared to Google Cloud Identity: Azure Active Directory (Azure AD) vs Google Cloud Identity. Azure Active Directory (Azure AD) is popular among the large enterprise segment, accounting for 66% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a computer software company, accounting for 21% of all views.
Azure Active Directory (Azure AD) Buyer's Guide

Download the Azure Active Directory (Azure AD) Buyer's Guide including reviews and more. Updated: September 2022

What is Azure Active Directory (Azure AD)?


Azure Active Directory (Azure AD), part of Microsoft Entra, is an enterprise identity service that provides single sign-on, multifactor authentication, and conditional access to guard against 99.9 percent of cybersecurity attacks.

Azure Active Directory (Azure AD) is a cloud-based identity and access management service. This service helps your employees access external resources, such as Microsoft 365, the Azure portal, and thousands of other SaaS applications. Azure Active Directory also helps them access internal resources like apps on your corporate intranet network, along with any cloud apps developed for your own organization.

Azure AD is intended for:

  • IT admins: As an IT admin, use Azure AD to control access to your apps and your app resources, based on your business requirements. For example, you can use Azure AD to require multi-factor authentication when accessing important organizational resources. You can also use Azure AD to automate user provisioning between your existing Windows Server AD and your cloud apps, including Microsoft 365. Finally, Azure AD gives you powerful tools to automatically help protect user identities and credentials and to meet your access governance requirements.
  • App developers: As an app developer, you can use Azure AD as a standards-based approach for adding single sign-on (SSO) to your app, allowing it to work with a user's pre-existing credentials. Azure AD also provides APIs that can help you build personalized app experiences using existing organizational data. 
  • Microsoft 365, Office 365, Azure, or Dynamics CRM Online subscribers: As a subscriber, you're already using Azure AD. Each Microsoft 365, Office 365, Azure, and Dynamics CRM Online tenant is automatically an Azure AD tenant. You can immediately start to manage access to your integrated cloud apps.

Azure Active Directory (Azure AD) was previously known as Azure Active Directory.

Azure Active Directory (Azure AD) Customers

Azure Active Directory is trusted by companies of all sizes and industries including Walmart, Zscaler, Uniper, Amtrak, monday.com, and more.

Azure Active Directory (Azure AD) Video

Archived Azure Active Directory (Azure AD) Reviews (more than two years old)

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
Vice President of Technology at Ecuity Edge
Reseller
User authentication that is reliable and scales well

What is our primary use case?

I am using this product for user authentication.

What needs improvement?

I think the documentation and configuration are both areas that need improvement. 

The product changes and gets updated, but the documentation doesn't keep pace.

The initial setup could be simplified.

I would like to see a better UI tool.

For how long have I used the solution?

The company has been using this solution for approximately four years.

We are using the latest version.

What do I think about the stability of the solution?

It's a stable solution. We have not experienced any issues.

Buyer's Guide
Azure Active Directory (Azure AD)
September 2022
Learn what your peers think about Azure Active Directory (Azure AD). Get advice and tips from experienced pros sharing their opinions. Updated: September 2022.
633,184 professionals have used our research since 2012.

What do I think about the scalability of the solution?

Microsoft Azure Active Directory Premium is a scalable solution. It scales very well.

We all use this solution daily. We are a team of five the company.

Which solution did I use previously and why did I switch?

The most valuable feature is the ease of scalability.

How was the initial setup?

The initial setup is fairly complex.

We are a smaller company and it only took us two days to deploy.

What about the implementation team?

We did not use an integrator, we used in-house knowledge.

What other advice do I have?

If you are familiar with Microsoft, this is the product to use.

I would rate Microsoft Azure Active Directory Premium an eight out of ten.

Which deployment model are you using for this solution?

Private Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Microsoft Azure
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner, Reseller
PeerSpot user
Pete Fotopoulos - PeerSpot reviewer
Vice President - Network and Infrastructure at NJA LLC
Real User
Top 5
Great access control aspect of authentication, has an easy single-sign-on and is quite stable
Pros and Cons
  • "The single sign-on is very convenient for us."
  • "It would be ideal if the solution moved to a passwordless type of environment. It's the future of authentification. It's also more secure and convenient."

What is our primary use case?

We just use the solution for the authentication and the provision access control, among other tasks.

What is most valuable?

The access control aspect of the authentication is the solution's most valuable aspect.

The single sign-on is very convenient for us.

What needs improvement?

It would be ideal if the solution moved to a passwordless type of environment. It's the future of authentification. It's also more secure and convenient.

For how long have I used the solution?

I've been using the solution for about a year.

What do I think about the stability of the solution?

The solution is quite stable. I haven't heard any bad things about it. It doesn't crash or freeze. I can't say that I've seen bugs or glitches. It seems to be very reliable so far.

What do I think about the scalability of the solution?

I believe the solution is scalable, although I have not tried to scale it myself personally.

We have many people on the system, including doctors, nurses, practitioners, assistants, etc. It might be around 100 people, give or take.

How are customer service and technical support?

I've never dealt with technical support for any reason. I wouldn't be able to evaluate their services or discuss their level of responsiveness.

How was the initial setup?

I didn't handle any aspect of the implementation, as I'm not technical in any way. I wouldn't be able to specify if it was complex or straightforward or how the deployment went.

What's my experience with pricing, setup cost, and licensing?

I don't have any insights into the licensing costs. I'm not a part of the accounting or payment process.

What other advice do I have?

Our organizations has a few partnerships with Microsoft.

I don't know which version of the solution we're using. It's most likely the latest, due to the fact that it's a cloud deployment.

The only advice I have for other organizations considering the solution is this: just make sure that you have the right requirements. It's never a carbon copy. Every environment has different needs and requirements.

I'd rate the solution eight out of ten.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
Buyer's Guide
Azure Active Directory (Azure AD)
September 2022
Learn what your peers think about Azure Active Directory (Azure AD). Get advice and tips from experienced pros sharing their opinions. Updated: September 2022.
633,184 professionals have used our research since 2012.
Mohamed Fekry - PeerSpot reviewer
Service Delivery Manager Cloud & Infrastructure Solutions at Nile
Real User
Enables our clients to build new environments and virtual machines
Pros and Cons
  • "The most valuable feature is that it is very easy to implement, you don't need a lot of effort to set up the solution. This is the most advantageous point, that you can do anything on Azure without taking too much time."
  • "I would rate it an eight out of ten. The price plays a factor in the rating."

What is our primary use case?

Most of my customers use Active Directory Premium for condition and access scenarios that they need to comply with my conditions to access my resources. They also build new environments, virtual machines, and some other products like SQL on the infrastructure as a service. There are some customers that use Microsoft Intune, which is mobile device management. Microsoft Intune is a cloud.

What is most valuable?

The most valuable feature is that it is very easy to implement, you don't need a lot of effort to set up the solution. This is the most advantageous point, that you can do anything on Azure without taking too much time.

What needs improvement?

Microsoft has a feedback page, in which if anyone has any suggestions or feedback, you can send them to them. They have all of the technical resources available on the internet, on their website. In case you need the support, you can easily open a ticket with them because you already have a subscription and you are eligible to open a ticket.

For how long have I used the solution?

I've been working with Active Directory for twelve years. I have experience with Microsoft Active Directory Virtualization like Hyper-V systems in the family for Microsoft. So, this is a 12-year journey, it has been 12 years of experience with this product.

It's currently on-premise but because of COVID, a lot of our clients are moving to the cloud. 

How are customer service and technical support?

I have contacted technical support many times for the cloud. They are good. But for on-prem, they have recently started becoming delayed. Maybe the technical resources are not very good. I know Microsoft, they are focusing on the cloud solutions more than the on-premise solutions. The support for on-premises has become not as at previous times. But for cloud solutions, they are good.

How was the initial setup?

The initial setup complexity is based on the scenario. If it's infrastructure as a service where you are building VMs, it could take you one day to complete your setup for virtual machines. 

What other advice do I have?

Whether or not I would recommend this solution, would depend on the users' needs. If their use cases fit what Microsoft provides, then I would recommend it. 

I would rate it an eight out of ten. The price plays a factor in the rating. Customers are not oriented with a cloud solution, they move forward very slowly towards the cloud, because maybe in my country big sectors, like the banking sectors, don't deal with the cloud. So customers see this and don't want to use the cloud either. They fear for their security and privacy. Although Microsoft assures that they protect their customer's data and privacy.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
Jeffrey Attoh - PeerSpot reviewer
Chief Executive Officer at ZDAPT
Real User
Helpful B2B connectors with an interface that is well laid out and easy to navigate
Pros and Cons
  • "The interface is well laid out and it is easy to navigate."
  • "My only pain point in this solution is creating group membership for devices."

What is our primary use case?

This product manages access for our compute space that includes Office 365, Salesforce, and other solutions.

What is most valuable?

The most valuable features are the B2B connector and the external identity connection functionality. These are helpful.

User group management works well.

The interface is well laid out and it is easy to navigate. You can get to things quickly and it works.

The portal allows you to create reports, which is a nice feature.

What needs improvement?

My only pain point in this solution is creating group membership for devices. This is something that could be improved. Essentially, I want to be able to create collection groups, or organizational units and include devices in there. I should be able to add them in the same way that we can add users.

We want to be able to create members as devices in groups, without having to leverage a dynamic group membership with queries. I want to be able to just pick machines, create a group, and add them.

For how long have I used the solution?

We have been using Active Directory Premium for four years.

What do I think about the stability of the solution?

This is a stable product.

How are customer service and technical support?

I have only used technical support on one occasion and I found it to be pretty good.

How was the initial setup?

The initial setup is straightforward.

What other advice do I have?

I have not used this product to its full extent but from what I have used, I find that it works well.

My advice for anybody who is implementing AD Premium is to understand what it is that they're going to use and how they're going to manage identity. I suggest doing a lot more in terms of identity governance.

I would rate this solution a nine out of ten.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Microsoft Azure
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Software Engineer at a computer software company with 10,001+ employees
Real User
Easy to manage and integrates well with third-party applications
Pros and Cons
  • "The ability to grant access to other organizations is helpful."
  • "Microsoft needs to add a single setup, so whenever resources join the company or are leaving the company, all of the changes can be made with a single click."

What is our primary use case?

We are a software development company and solution provider, and this is one of the products that we implement for our clients.

This is an easy way to give users access to applications. I can share access with other organizations outside of our network.

What is most valuable?

This solution is easy to manage.

The ability to grant access to other organizations is helpful.

It integrates well with a large number of applications.

What needs improvement?

Microsoft needs to add a single setup, so whenever resources join the company or are leaving the company, all of the changes can be made with a single click.

I would like to see a secure, on-premises gateway that offers connectivity between the physical servers and the cloud. The capability already exists, but it is not secure enough when the setting is marked private.

For how long have I used the solution?

I have been using Microsoft Azure Active Directory Premium for about a year.

What do I think about the stability of the solution?

In the time that I have been using Microsoft Azure, I haven't had any problem with stability.

What do I think about the scalability of the solution?

This is the right platform if you are looking for scalability. We have more than 100,000 users.

How are customer service and technical support?

We have not needed to use technical support. 

We have a couple of contacts in the Microsoft team, so we will reach out to them in case we have any questions.

Which solution did I use previously and why did I switch?

I have recently been working with Okta, and I find that most organizations are moving toward it. With this in mind, I think that Microsoft has to take care, and consider why so many people are switching. The most important reason is the single setup. Once they set up Okta, it's easy for the organization.

How was the initial setup?

I have been working in Microsoft Azure for a long time and I find the initial setup to be easy.

What about the implementation team?

For maintenance, we have a team of 20 administrators and developers.

What's my experience with pricing, setup cost, and licensing?

Licensing fees are paid on a monthly basis and the cost depends on the number of users. There are no charges in addition to this.

What other advice do I have?

The suitability of this solution depends on the technology and the environment at the organization. Many companies are still transitioning to the cloud, leaving part or all of their data on-premises. Ultimately, it depends on the data that they have and their preference or requirements for keeping it on-premises. In some cases, people want to move only non-private data to the cloud. All of these things have to be considered before implementing Azure Active Directory.

I would rate this solution an eight out of ten.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Amazon Web Services (AWS)
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
Solution Engineer at a government with 1,001-5,000 employees
Real User
Supports our expansion of services to the cloud, but the MyApps interface needs enhancement

What is our primary use case?

We use this solution to extend on-premises Active Directory to the cloud.

How has it helped my organization?

This solution will support the expansion of services and servers into the cloud.

What is most valuable?

This solution serves as the basis to understand the MS SSO and MFA capabilities.

What needs improvement?

The SSO MyApps interface is very basic and needs better customization capabilities.

For how long have I used the solution?

We have been using this solution for six months.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Jean-Francois Richard - PeerSpot reviewer
Enterprise Security Architect at Energir
Real User
Improved user experience with SSO logins but requires role-based access controls

What is our primary use case?

How has it helped my organization?

Improved user experience with SSO logins.

What is most valuable?

Keeping the same credentials as Active Directory.

What needs improvement?

Role-based access controls.

For how long have I used the solution?

Three to five years.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Edgar Parra - PeerSpot reviewer
Senior Technical Consultant at The Instillery
Real User
Configuring the domain and setting it up in the Azure portal is as easy as three clicks. Tech support is awesome but can have its pitfalls
Pros and Cons
  • "When logging on to Azure AD it's pretty quick."
  • "Configuring the domain and setting it up in the Azure portal is just three clicks to be honest."
  • "At first, it was a bit challenging to come up with a workaround that would get authentication to work."

What is our primary use case?

The primary use case is actually one interesting one because this customer we're deploying, They don't have Active Directory on-premise, and they need to use some applications that are on-prem, so in order to get authentication to work with those applications we had to come up with a workaround. So it was challenging to come up with that workaround and solution, but it worked quite well.

Azure Ad provides great flexibility even when nothing on-prem can provide user authentication. For cases like this, Microsoft and Citrix worked together to develop a solution that not only work with Azure AD but with other Directory tools to provide authentication via SAML or OAuth.

How has it helped my organization?

When logging on to Azure AD it's pretty quick.  This is because it is managed by Microsoft and there isn't too much administrative overhead for our System Administrators in setting up a bunch of complicated policies to allow the users to log on. Basically we lock down the machine with policies but, the user authentication is much faster and simpler. This is something that the users have noticed.

What is most valuable?


Apart from MFA and the SSO capabilities, I would say one of the amazing
things is that you don't have a limit in the objects that you can create
in Active Directory in Azure. Azure AD Premium doesn't have a limit in
terms of User/Computer objects you can create,
meaning that you can have a massive AD domain and it won't matter
because Azure AD can handle that. You can have 100.000 users in your
domain and keep growing if you want to. Azure AD can grow as required
and since it is PaaS you don't need to worry about provision
more hardware to keep performance up.

What needs improvement?

The natural evolution of things because obviously Azure Active Directory has a way to authenticate against on-prem normally you would need to have a Domain Controller on-premise and have either SSO or or Federation Services to be able to engage those two components and be able to allow authentication. But, having everything on the cloud as this customer didn't want anything on-prem only their network devices and some security devices and the limited applications, apart from that, they don't have anything to authenticate users on-prem. Having everything in the cloud and Active Directory, Azure AD is not able to provide Kerberos or Kerberos authentication if you're running only Azure AD it is a limitation. I think it's the next evolution of things. That's what the future is going to look like. There will barely be a be a need for any stuff on-prem. Everything will be on the cloud.

For how long have I used the solution?

Less than one year.

What do I think about the stability of the solution?

We find it stable. It definitely has less issues than when you have Acive Directory on-prem. In terms of your connection from Azure Active Directory to your on-prem network is, you're using say, ExpressRoute or a point to point VPN, you don't notice any authentication problems or the computer lost the relationship with the domain, stuff like that. It's something that I haven't seen since I started working with Azure AD, so in terms of the stability and being reliable and not cause too many errors when you're working with it its something that I notice, if I compare with Active Directory on-premise and Azure AD.

What do I think about the scalability of the solution?

We have a medium organization of about 4,000 users. There have been no issues with scalability. We're located here in Asia-Pacific we're using one of the data centers in Sydney, and in terms of scaling up the solution, the initial deployment and the initial design that we did has been enough. We also foresee in three or four years how the growth expectation in terms of users in, especially for one customer in particular.  We don't predict too much growth in terms of users. They're not going to grow from one year to the other in 10,000, 15,000 users but, the design can cope with that amount of users in terms of Active Directory.

How are customer service and technical support?

Most of the time that I have dealt with tech support, it's very good.  They're very knowledgeable. The specialists are spot-on they definitely understand the problem from the beginning even though they don't know anything about the environment, but when you explain it to them and what the problem is they can give you pointers on what to do, and how to fix it and articles to read on how to fix it so they're very good. I would give it five out of five stars. However, I've seen times when we had to wait a long time to get answers if the call is not a high priority one, but most of the time when you're having an urgent incident they understand the critical of the issue and act accordingly.

How was the initial setup?

Configuring the domain and setting it up in the Azure portal is just three clicks to be honest. You just need to configure your domain name, you need to configure your subscription to Azure and after that you can just start creating users or different groups that you want users on and depending on your security criteria or how many users. But, the process of actually setting up the tenancy is it's not that hard. I would say it's the work that comes after that requires time and some planning, you know. One must determine how many users you will have and how many domain controllers you need overall. I would say it's not very complicated but it's the planning and fine-tuning that comes afterwards that needs time.

What's my experience with pricing, setup cost, and licensing?

I am not familiar with the pricing of the solution.

What other advice do I have?

I don't know if it's something that's going to be addressed in the future, or not, but having Azure AD the boundary of action for Active Directory as a region when you define the domain so you can't extend the domain to another region because it's a limitation that Azure AD has that doesn't allow you to extend the domain to another region for say geolocation purposes or disaster recovery.  If you have your Azure AD on the Sydney data center, you're not going to be able to extend that to say, Singapore. But, it is not highly unlikely, but it's a very rare occasion that you lose a region or a whole data center. It can happen, obviously, but it's very unusual. So the chances of that happens are very low. When we did the design for this customer that was one of the limitations that we mentioned, and they were happy with it because you know Microsoft is a respectable company and obviously they would do the best to keep their data centers running all the time. And, to keep the cloud infrastructure for their customers online all the time. So they accepted the limitation or the risk and  we went ahead and did it. But that's definitely something that I notice as a limitation to me.

In my opinion, you have a good look at your current infrastructure and make a decision on what is fit for the cloud, and what is not, because there are certain applications, or certain systems, that it will take longer time to migrate to the cloud. Normally, this is a good approach and is actually the Microsoft approach, as they recommend you to go hybrid first. First, you do a very good assessment and then you migrate your on-prem AD to Azure AD and the systems that support your operation will follow in time, if remediations are required, but it is a journey to work better and more efficiently.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
PeerSpot user
Cloud Consultant at a tech vendor with 11-50 employees
Consultant
The most beneficial feature would be the effectiveness of having a hybrid set-up. The tech support is inconsistent.
Pros and Cons
  • "The most beneficial feature would be the effectiveness of having a hybrid set-up."
  • "Initially, we wanted to exclude specific users from MSA. So, we had a condition policy, which forces MSA for all the users. So we wanted to exclude users who are using an NPS extension. So it was not listed, as a NPS extension was not listed outside an application, in actual, so, we go back and were not able to exclude users using NPS extension from MSA. So that was one limitation that we found and we had to work around that."
  • "Tech support is inconsistent."

What is our primary use case?

We need it for running MSA protection for most of the users. We need Azure AD Connect because they are highly on primary setup, so they need to sync on primary with Azure AD.

How has it helped my organization?

From the beginning when I joined the company, they were already using Azure AD Premium. The most wanted features would be the synchronization between the Windows AD, Azure AD, because there are so many capabilities that just because we can't sync their own from Azure AD.

What is most valuable?

The most beneficial feature would be the effectiveness of having a hybrid set-up. When we need to create an account, we create it in Auto Activator 3. Even though the users are created and managed in Windows really, we can use all the benefits of the cloud, as well.

What needs improvement?

Right now I can't point out a particular feature, but sometimes when we work, it evolves.  There are so many features that are out recently, so it'd be hard to set up MSA for obvious remote users, so users who are using Azure are hard to use it remotely. So, while we're setting that up, we have face of issues which show the limitations of Azure.

Initially, we wanted to exclude specific users from MSA. So, we had a condition policy, which forces MSA for all the users. So we wanted to exclude users who are using an NPS extension.  So it was not listed, as a NPS extension was not listed outside an application, in actual, so, we go back and were not able to exclude users using NPS extension from MSA. So that was one limitation that we found and we had to work around that.

We noticed recent additions on display that have been in recent updates. On the board, there are some features that still need help. 

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

The stability is pretty good. Earlier, there were freezes here and there. But, we overcame it. What w have now is stable, but they are trying to include more features.

What do I think about the scalability of the solution?

We have almost 500 users. So, it is pretty easy. They are including more features, which enhances onboarding and decommissioning users. From an actual perspective, it's pretty easy to scale.

How is customer service and technical support?

Tech support has its up and downs. So, sometimes it will take one week, and other times two weeks to resolve a case. Sometimes they have to respond fast, and they do so. It is not consistent.

What's my experience with pricing, setup cost, and licensing?

It's really affordable. It does not feel as if it is too costly. It's okay to spend this money for this product or feature. Yeah, I think it's affordable.

What other advice do I have?

If you have connections with a PSP partner, it will be easy, I guess. If you're buying an Azure AD Premium independently, you won't have a helping hand from them. You'll have support  but, not much other than that. With a PSP partner, you will feel like that you can implement or you can quadrate.

Once Azure is developed, and fully established, it will be a perfect product. It is still in the development stage at present. 

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
it_user623721 - PeerSpot reviewer
Consultant with 10,001+ employees
Vendor
The ability to speed up delivery is an asset. To look at more documentation, engineering, or an open standard would be nice.
Pros and Cons
  • "It's very easy to run and it's part of their ecosystem and I don't think it's going anywhere anytime soon."
  • "The ability to speed up ability is an asset."
  • "To look at more documentation, engineering, or an open standard would be nice."
  • "Microsoft has so many different requirements and priorities that sometimes they don't invest all their energy into the products that you have expectations to investigate."

What is our primary use case?

The primary use case is collaboration. So it's all about federation of identity and permissions.

Identity is one of those things that you need to be separate from your actual tenant. There's a benefit for it being separated from your actual tenant for reasons of security and containerization. 

It's very easy to run and it's part of their ecosystem and I don't think it's going anywhere anytime soon.

How has it helped my organization?

Back in '96, '97, '98, nobody was doing intake. So that was a new thing that came in 2000. And it created the container based inherited permissions, which was new for that stage. Before that it was very static, there wasn't inheritance, there wasn't assertions. Then they introduced that and they've slowly built it, and then it just got too big and old, and really the database that MT's on is just vulnerable to all these attacks. And that's primarily why they want people to get off it. There's about four or five open attacks that make it very easy to both intercept the credential requests, and also attack the database itself.

The ability to speed up delivery is a nice benefit, because rather than having external dependencies there's a certain guarantee that if you use anything within that technology platform. Whether it's full of applications, or various other things, there havee already been regression tests by the vendor. And you don't see the same defects that you get when you have integrated systems.

What is most valuable?

The fact that it's an ecosystem in itself is probably the best one. It fits into the whole Microsoft stack. Everything this year is all about stacks, and I tend to agree. The inter-operability  and complexity of things these days is just too big. These things change too much. So you don't really want to be stuck between three technology stacks that are changing. If there's a defect, you won't know which one it's in. Trying to hold the service provider to account is quite hard. I'd probably say, yeah, stay with the stack if you can.

What needs improvement?

I guess price would be the thing, and some of the proprietary lock-in. But, I guess documentation and support would be good.

The features are fine. I wouldn't suggest any features because you can keep adding to it. But, its simplicity is that it works under its own ecosystem. It's nice and reliable. If you start adding all these extra things to it, it'll probably cause complications with some of the legacy things that are still slowly just hanging onto them. But, to look at more documentation, engineering, or an open standard would be nice.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

It's like any technology. It appears that if it did have stability problems they don't really exist anymore in the same way. It's like any introductory development technology. Because its identity, it has to be perfect. It is either secure, or it's not, and unfortunately there's a million ways for things to go wrong and there's only one way for things to go right when there's no give. You do see a lot of issues with it at the beginning.

It is mathematical. So, it's like most things. Took a while to get the XAML certificates and all that sort of stuff working. But,now it's a very common thing. You get a session certificate on your phone when you're doing things. When you join a session on your browser on your mobile phone. It's just very common things now.

What do I think about the scalability of the solution?

I'd say there's about 5,600 users of this solution in our organization.

There are set rules. But, it's a security mechanism. If you try and get your swipe card pass for your office, and then you try and integrate it with one across the road, they're literally being designed not to integrate with each other by design. This is because if you want it secure, you don't want to have it integrate. The same thing works with changing the posture of something after you've initiated it. Expect this sort of behavior.

How are customer service and technical support?

The tech support is OK. I'm talking more about the engineering structure of it. As I said, you can understand why security things have a tendency to not document it, because it's one of those things. Do you want more people to review it and make it harder, or do you want to covet it and reduce the exposure of it?  It's catch 22. You're damned if you do, damned if you don't. Doesn't matter which way you go.

Which solution did I use previously and why did I switch?

We have prior experiene with Novell. 

How was the initial setup?

It's easy in its essence, but part of the ease is like anything that seems easy is generally complex when you try and fix it because you've skipped over so many configurations. It's like a wizard that you go, "Yep, it's done." And then it breaks, and you say to yourself, "Oh, hang on, I clicked one button. How could I have done that differently?" It's a lot more stable than it used to be. They've got into a maturity plateau where they're not developing it anymore within for reasons of functionality and the product doesn't really break much.

What's my experience with pricing, setup cost, and licensing?

There's no such thing as a "free lunch." If you'd save money here, it costs money there. If you pay more upfront, you pay less when you get off. The market equals itself out, like a free market. So, it generally does. It's more about convenience at the end of the day.

As a user, I'm not an owner of the tech, so as a consumer, even if I am a specialist, I still don't own the technology. I just want to lease it, subscribe it and make sure that the owners of it are able to meet the facilities of it in its life-cycle.

Which other solutions did I evaluate?

There's a couple of other options on the market like Okta, and a few things like that. They're quite simple, and because they're separate from the whole Microsoft ecosystem, they do have some benefits in that they're completely focused on only that product and only that requirement. With Microsoft, they're like an octopus. They have so many different requirements and priorities that sometimes they don't invest all their energy into the products that you have expectations to investigate.

What other advice do I have?

Last year Microsoft had said that the onsite Active Directory ,as we know it, is going to be deprecated. So that means group policy, that means security groups, the NTLM and all that  we've relied on for so long is going to come to an end with this modern management philosophy. That's why I did those group policy changes. From group policy, which is essentially the ability to control the operating environments of managed devices, rather than that, Microsoft wants only a mobile device management policy. So it's pretty much a HTTPS or SSL assertion to manage devices off the domain, and they will all come from Intune.

So, they're not going to be managed by a set of static policies. They're going to be set by a whole heap of compliances. Does that make more sense? It's not conforming. It's when you assert yourself, and us for a particular requirement from the domain. They check your requirements per request, which takes the load off the environment quite a bit. So they only validate you when you ask.

It's a lot easier to get an engineer to understand the Microsoft stack then some esoteric random "Joe." There's just are not enough people in the field.

You're better off creating a pilot tenant on your own. You can set up one that's free using one of their 30 day trials, and while you're doing that try and make it as realistic as you can to the environment you're coming from. Make sure that it is true in terms of network, commissuib and integration. If you're going to use a MDN for mobile device management, or you're going to use applications for the federated sign-ons. Try and get as much as you can in it. You've got 30 days and they're quite liberal with allowing you to trial it.

Most of the capabilities are there internally. You can't expose external DNS names or anything and use it as an external platform, but internally you can. So spin up a VM or something internally and do the same things you would. I'd dare say: test it and prove it. You've got to prove it to yourself before anybody. I wouldn't trust anything from a brochure or anything else. Your reputation's on the line. You're doing something important for someone else and you've got to verify it yourself and put it through the paces. Spend enough time doing proof of concepts and pilots.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Ken Meyer - PeerSpot reviewer
Senior Consultant - Owner with 1-10 employees
Consultant
It's just a product that made life simpler for my clients to be able to integrate everything.
Pros and Cons
  • "The self-password reset if it's enabled and configured properly, really helps a company be able to reset rather than getting IT involved."
  • "Just because I've been in the Azure space since it started out and in the Microsoft Cloud AD since the BPOS days in the early 2000s, and it's just a product that made life simpler for my clients to be able to integrate everything."
  • "Documentation I think is always the worst part with what Azure's doing right now across the board."

What is our primary use case?

The primary use case of this solution is single sign-on, and if a company is going to use Azure AD, a lot of what they are looking for is to manage those sign-ins and logins and have a single place for it to be.

How has it helped my organization?

I've been in the Azure space since it started out and in the Microsoft Cloud AD since the BPOS days in the early 2000s, and it's just a product that made life simpler for my clients to be able to integrate everything.

What is most valuable?

The self-password reset if its enabled and configured properly, really helps a company be able to reset rather than getting IT involved. 

Additionally, the capability of adding that single sign-on for other pieces that you might want to run through Azure Active Directory, such as Office 365 or Salesforce or any number of different third party authentications that you need can be done through Azure Directory Premium.

What needs improvement?

One of the things with Windows 10 as a company client's software is that they're using it on laptops, desktops, or whatever. In Active Directory Premium, you can control the sign-in and the spaces where documents might be kept on that device with Active Directory Premium and the rights management piece.

Documentation I think is always the worst part with what Azure's doing right now across the board. You may run into an issue you get a technician that says, "Here, look at all these links through self-documentation, and then make comments to it if you want to change it or do something." It's just that the documentation itself, is not very friendly to somebody who is just going in to it. If I had to turn it over to a customer, I just don't think that documentation is that friendly to somebody who does not have in-depth knowledge.

For how long have I used the solution?

Three to five years.

What do I think about the stability of the solution?

My impressions of the stability of the product are that it is a pretty good product. I have seen one outage in the last three years, where it just would not work. It only lasted an hour. It was a pretty big deal, but other than that it has been very dependable.

What do I think about the scalability of the solution?

It scales really easy. It's just adding more scales. It is eally easily as far as number of users are concerned, if you're talking about scaling into other apps or other things that you have. Again, there's a configuration curve there. But, if you're scaling applications or services, then there can be a little more difficulty in that.

How are customer service and technical support?

It's hit or miss. I've had more success in the last probably eight months than I had prior to that. If there's one downfall to their tech support, it's too compartmentalized. So if you're talking AD Premium, and again, with all of the different pieces to it. If you have a single sign-on issue, you might get a different technician than you would get for a joining a VM to Azure AD or whatever. They compartmentalize their tech support, and I will say to myself, "Well, just give me a guy that knows what's going on." But, then they get very compartmentalized in their tech support. They have to bring somebody else in, or have to research or do whatever. So, that's the one criticism that I have. Response has been excellent. They get you well within their SOAs, depending on what you've got paid for tech support.

How was the initial setup?

It's pretty straightforward depending on what your needs are.

What's my experience with pricing, setup cost, and licensing?

Licensing is easy.

What other advice do I have?

The biggest piece of advice is if you're planning for all applications that need authentication, and making sure that all applications that need authentication or that you're going against, that you're using the premium parts of Active Directory for, are compliant with the solution and not finding out afterwards.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Rajeev Jha - PeerSpot reviewer
Database Manager at Wartsila India Ltd
Real User
It is a helpful solution for employees working from home. We also like that it is on the cloud.
Pros and Cons
  • "It is a really nice tool and we have a license for the more complex model."
  • "I like the way it communicates to the cloud."
  • "Whatever business requirements we needed in the past three years, users were created, with the name of the user and they were not connected with the Active Directory. We were trying to in house in three years and with directory, but we were not able to achieve it."
  • "Be aware that it may not work perfectly globally yet. There are still glitches with the solution in Africa."

What is our primary use case?

My primary use case is for our business directory, we have integrated everything into Azure into the Active Directory. 

How has it helped my organization?

We basically use this for Skype. We are using the cloud environment and we need the Active directory to be ticketed so if we can call and they can log in at the moment. Apart from that, we use it for video connections. If people are working from home, it is helpful that it is in the cloud. At the moment, we do not need to go for the VPN, and then we can connect. For this purpose, we use the Azure. We run quite a big business, and it is helpful with the electrodata we have used. 

What is most valuable?

I like the way it communicates to the cloud.

What needs improvement?

Whatever business requirements we needed in the past three years, users were created, with the name of the user and they were not connected with the Active Directory. We were trying to in house in three years and with directory, but we were not able to achieve it. Based on that we have informed Microsoft. And now we have created the things that are connected to the  cloud.

In Africa, we do not have the same bandwidth with internet speed. This slows the connectivity and it provides challenges for our business.

For how long have I used the solution?

Three to five years.

What do I think about the stability of the solution?

Yes, it is a stable product. But, sometimes we had problems due to the network. We are running in more than 24 countries. In Africa we were having issues, but I would say that 80% of our users are happy as a result of us switching to Azure. 

What do I think about the scalability of the solution?

The scalability of the product is fine. 

How are customer service and technical support?

First, we create a ticket. Then it is assigned to the technical support team. Afterwards, there is a number assigned to the request by the Microsoft team. We then upload the report of the log, or the case that is required. We then wait for the solution. Then, we can test it and implement the correction for the solution.

How was the initial setup?

It was a bit complex. We initially had an issue with our IP address, but it was resolved.

What was our ROI?

I believe that this solution has simplified our work environment. We have over 13,000 users and this is very helpful to connect everything. 

What's my experience with pricing, setup cost, and licensing?

It is a really nice tool and we have a license for the more complex model. It is not too expensive.

What other advice do I have?

Be aware that it may not work perfectly globally yet. There are still glitches with the solution in Africa.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Senior Technical Consultant at a tech services company with 51-200 employees
Consultant
In terms of security, we have been using the B2B/B2C hybrid integration with the certificate authentication.
Pros and Cons
  • "We have not had any formal issues with scalability."
  • "It is pretty good in terms of stability."
  • "I primarily use this solution for hybrid deployment, security, securing resources and for integration purposes. In terms of security, we have been using the B2B/B2C hybrid integration with the certificate authentication."
  • "There are issues using it with ADFS."

What is our primary use case?

I primarily use this solution for hybrid deployment, security, securing resources and for integration purposes. In terms of security, we have been using the B2B/B2C hybrid integration with the certificate authentication.

How has it helped my organization?

From a practice point of view, of storing secrets internally on Azure AD, we use the certificate when we can.

I would advise to allow an ex-client user to change their password. At present, you can only change your password externally if your password is still valid. If your password is expired, you cannot actually do it through Azure AD.

What is most valuable?

Most of the time, this product is doing purpose-built solutions. Some people on my team like the multi-step authentication. Others like the fact that it secures their resources externally.

What needs improvement?

We found the ADFS being a redundant part of the solution. But, it was removed. The licensing is a bit confusing if you are not going into the premium model.

For how long have I used the solution?

Three to five years.

What do I think about the stability of the solution?

It is pretty good in terms of stability. I have not had any issues. It has not crashed.

What do I think about the scalability of the solution?

In terms of scalability, we have not had any formal issues or outages from the solution. We are currently using it for 100 users. But, our clients are also using it, and I think we have at least several thousand clients using it.

How was the initial setup?

The initial setup was straightforward. It has been improving a lot in the past couple of years. Yes, it is a lot easier now than when I first started working with this solution. 

I would estimate that the initial setup would probably take a team a week to set up.

What other advice do I have?

When implementing for one client, where they had ADFS turned on, we could not ID enough ADFS and when there was no internet connection. This was a Catch-22 for us, and very frustrating. I would advise new users to use Azure over the ADFS.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
John ONeill - PeerSpot reviewer
Principle consultant at Active Data Consulting Services Pty Ltd
Real User
The centralized management feature is very valuable. We do not have to deploy lots of machines to run things as a service.
Pros and Cons
  • "The centralized management feature is very valuable."
  • "We do not have to deploy lots of machines all over the place to run things as a service, which is how we like to deploy things, just as a service."
  • "https://www.itcentralstation.com/product_reviews/microsoft-bi-review-52460-by-amanda-zhou"
  • "A nice feature that is not currently present, would be if they had some visualization tools."

What is our primary use case?

Our primary use case is to simplify directory deployment and centralize source of management. Within our own consulting business, we choose to use Azure AD.

What is most valuable?

The centralized management feature is very valuable. Being able to delete stuff in one place, from any location is really great for us. In addition, we do not have to deploy lots of machines all over the place to run things as a service, which is how we like to deploy things, just as a service. So, this makes it easier to deploy, easy to set up, and work with. It is easy to use, and makes quality of life issues a reality for us.

What needs improvement?

It would be nice if it had some visualization tools. A bit of visualization would be really nice to show your Azure directory structure. It would be very good because you might have sub-domains and odds-and-ends going on. So, a bit of visualization would be really good. Being able to plug it directly into the video to produce models would be a really nice feature.

For how long have I used the solution?

Less than one year.

What do I think about the stability of the solution?

The stability is really good. We have not had an issue with it at all. It is always there for us.  As a part of what Microsoft seems to be doing, it is taking away from what dedicated machines that you have to fiddle and tinker with to run services on, and turning them into services you can just access.

How are customer service and technical support?

My experience with tech support has been really good. I have had a couple of issues where I have logged the ticket with Microsoft, and I had someone on the phone with me regarding the ticket within a half an hour. It was a real technician who really knew what he was talking about. I was very impressed.

We had a problem related to Office 365 and Skype, and not being able to generate a Skype session when everything else seemed to be working. The tech support helped us fix the situation. They have a good depth of knowledge  and it is not just people reading off a script. They are real users, with real experience.

How was the initial setup?

The initial deployment and setup was pretty straightforward. It is pretty easy. It is not that hard to get going, and the thing is that it is quick to integrate well with your Windows.

What was our ROI?

If you have an existing environment that consists of on-prem AD based environment, then you will want to go with Azure AD. You need to talk to your service provider, or your in-house IT team. Get them involved to help. We did so, and then we just set up a whole new domain and got rid of the old one, and set up the new one on Azure AD. Microsoft will help walk you through the process.

What's my experience with pricing, setup cost, and licensing?

It looks like they're just making everything as a service and it is pay per user, and that just works for me. It's really good. Gets the cost down and lets you scale if you need it.

What other advice do I have?

It is easy to use, straightforward, and in my language. It does exactly what is says, and does not pretend to be anything else.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Jaydeep Mehta - PeerSpot reviewer
Senior Analyst - IT Development at a tech company with 10,001+ employees
Real User
It is a very straightforward implementation. It helps us with maintaining enterprise identities.
Pros and Cons
  • "It is a very straightforward implementation."
  • "It helps us with maintaining enterprise identities."
  • "The licensing cost is a bit prohibitive."

What is our primary use case?

It's a very good solution.  You can manage your entity's enterprise identity using Azure Active Directory, and again, you can do several administrative activities. You can also use your Power Shares sorting and interfacing the endpoint.

How has it helped my organization?

It helps us with maintaining enterprise identities and integrating enterprise in those applications are some of the assignments.

We do have an expanded feature. We have captured video, so that other people can get their hands on getting used to it. That is, they can get used to the platform and implement it from the beginning.

What is most valuable?

We find the Integration accessory integration the most valuable feature. You can have your application integrated with an actual directory. You don't need to do much code, you can use interfaces and it's a direct integration. So, no need to worry about the requirements of your application.

What needs improvement?

The licensing cost is a bit prohibitive.

For how long have I used the solution?

Less than one year.

What do I think about the stability of the solution?

I have not encountered any issues of stability with the product.

What do I think about the scalability of the solution?

It scales as far as it depends on the contract. So, it is useful, with plenty of management capabilities. It is pretty flexible, scaling, you can scale in or out as per your requirements.

How are customer service and technical support?

I have not contacted tech support.

How was the initial setup?

It is a very straightforward implementation, and you pay as you go. It depends on your number of users, number of applications integrated, and how you prepare your topologies (the arrangements of the network). So, it is pretty much flexible. You can custom tailor it as per your business and target , business implementation and requirement. 

Which other solutions did I evaluate?

I have some prior experience with Oracle Unified Directory, as well. It is a less compliant directory service. 

In comparison, Azure Active Directory is mostly used with tighter integration. In most of the cases, enterprises are using Office 365 for the communication site online. If you have a requirement like integration with Office 365, then Azure Active Directory is a perfect solution. If you want to integrate other applications or workstations, you can use any compliant directory that works.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Jaime-Sanchez - PeerSpot reviewer
Director General
Real User
The most important feature is the factor identification.
Pros and Cons
  • "The most valuable feature is the factor identification. I find that it is natural integration, and it is just a natural step. I do not need to do anything else."
  • "I think there is room for improvement with actually discussing, and advertising Microsoft as a an authenticator. Many people just get confused and use Google, and I think if Microsoft would make more of an effort to penetrate the market, that would be key."

What is our primary use case?

We primarily use this solution for tracking authentication.

How has it helped my organization?

The quantum we are using is probably the authentication The security-based factor of authentication.

What is most valuable?

The most valuable feature is the factor identification. I find that it is natural integration, and it is just a natural step. I do not need to do anything else.

What needs improvement?

I think there is room for improvement with actually discussing, and advertising Microsoft as a an authenticator. Many people just get confused and use Google. It's weird because it's exactly the same way that it works. But it's there, it's definite region to start the people is more used to use their the Google authenticator instead of the Microsoft authentication. I think if Microsoft would make more of an effort to penetrate the market, that would be key.

In addition, it would be nice to have a biometric authentication like voice ID, or any of your medical ID. This would be a nice additional feature for Azure to have.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

We experienced the aset surge that happened a month or so ago. There was a storm that broke one of the data centers in south-central. The functionality of active directive for Microsoft support was in shortage.  It took a day to return back to functional use.

What do I think about the scalability of the solution?

The solution is scalable for our needs.

How are customer service and technical support?

I have not needed to request technical support. All of the Microsoft guides are really good and are very helpful.

Which solution did I use previously and why did I switch?

I know more about Microsoft than any other technology, that's why I didn't look for any other competitors.

How was the initial setup?

It was a very straightforward initial setup. To be honest, we are a pretty small company so for us it's one portal and everything is there. It's not that complicated.

What other advice do I have?

I like it, I love it and it works fine.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Download our free Azure Active Directory (Azure AD) Report and get advice and tips from experienced pros sharing their opinions.
Updated: September 2022
Buyer's Guide
Download our free Azure Active Directory (Azure AD) Report and get advice and tips from experienced pros sharing their opinions.