We performed a comparison between Microsoft Entra ID and SAP Access Control based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, Auth0, Okta and others in Access Management."The boards for task tracking are a valuable feature."
"I like that you can run it on-premises. I also like that I can use Azure at any time as the main one."
"Azure AD allowed us to get rid of servers and other hardware running at our offices. We moved everything to the cloud. Once we set up roles and permissions, it's only a matter of adding people and removing people from different groups and letting permissions flow through."
"Azure Active Directory provides access to resources in a very secure manner. We can detect which user is logging in to access resources on the cloud. It gives us a comprehensive audit trace in terms of from where a user signed in and whether a sign-in is a risky sign-in or a normal sign-in. So, there is a lot of security around the access to resources, which helps us in realizing that a particular sign-in is not a normal sign-in. If a sign-in is not normal, Azure Active Directory automatically blocks it for us and sends us an email, and unless we allow that user, he or she won't be able to log in. So, the User Identity Protection feature is the most liked feature for me in Azure Active Directory."
"The user functionality enables us to provide different levels of access, across many applications, for each user. We can customize the access level and set a security level in connection with that access. For instance, we can require MFA. That is a feature that helps enhance our security posture a lot."
"The solution has a variety of tools. Two of the most valuable features are the ability to create users and to replicate the user account from on-premise to the cloud."
"The scalability is good now, and I find it to be more stable and faster since scaling up to ESX."
"The best thing about Microsoft Entra ID is the ease of setup."
"It is an SAP product, so it integrates very well with other SAP products."
"When we add some user groups, at times they will not be properly configured. Also, sometimes Azure AD is not aware of the group policy, like the control, device functions, and settings, in detail. For example, you cannot configure these settings through mobile devices. It doesn't provide the flexibility to do that. The other challenge is that a third-party application may provide access without authorization."
"It doesn't function the same way as an Active Directory inside of an infrastructure, that is, a physical infrastructure. In the cloud, it is all flat. That's one of the disadvantages."
"Active Directory could always be more secure. Right now, we've got two-factor authentications. All services based on Active Directory have a username and password. If somebody hacked our username, they could easily get all the data from our side. So I want two-factor authentication and a stronger password policy from Active Directory. The domain controllers should be more secure as well."
"The monitoring dashboard could be a bit better."
"If Microsoft can give us a way to see where this product is running, from a backend perspective, then it would be great."
"Microsoft is working with Microsoft Identity Manager for Active Directory on-premise. It will be very important to have these identity management solutions directly in Azure Active Directory. It's very important to have some kind of Azure identity manager as a technology for identity and access management for working both in the cloud and inside the Azure suite."
"We have a lot of freedom in using the Group Policy Objects and, although Group Policy Objects are part of Azure Active Directory, there are still a lot of things that can be improved, such as providing local admin rights to a user. There are various, easy ways that I can do that in the on-premises version, but in the cloud version, it is a bit difficult. You have to create a bunch of policies to make it work."
"In a hybrid deployment, when we update a license by changing the UPN or email address of a user, it does not get updated automatically during normal sync. This means that we have to update it manually from Azure, which is something that needs to be corrected."
"It would be better if we could also manage other systems with it. Currently, you have to purchase plugins for it to work with other non-SAP systems. It would be good if there is an easy way to integrate SAP Access Control with other non-SAP systems."
Earn 20 points
Microsoft Entra ID is ranked 1st in Access Management with 190 reviews while SAP Access Control is ranked 23rd in Access Management. Microsoft Entra ID is rated 8.6, while SAP Access Control is rated 7.0. The top reviewer of Microsoft Entra ID writes "Allows users to authenticate from home and has excellent integrations in a simple, stable solution". On the other hand, the top reviewer of SAP Access Control writes "Automates our user provisioning process and integrates very well with other SAP products but needs better integration with non-SAP products". Microsoft Entra ID is most compared with Microsoft Intune, Google Cloud Identity, CyberArk Privileged Access Manager, Yubico YubiKey and Cisco Duo, whereas SAP Access Control is most compared with .
See our list of best Access Management vendors.
We monitor all Access Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.