Microsoft Entra ID Reviews

Sometimes with this solution, since our old API can have some latency and short links if you want to enable permission on a system application can be some delays. For example, sometimes, when a user requires their access, sometimes it's not happening in real-time; they just wait a couple of minutes before the TCI really provides it. Sometimes this can create confusion if a user an engineer or a developer believes that the solution is broken. The solution is not broken. It just sometimes has a delay. That is something that I encourage Microsoft to fix. During the pandemic, we had a lot of conditions with the remote workers. So when the capacity increased, there could be latency. However, that is a Microsoft scalability problem that they have to address at a certain point. That said, it's not a dealbreaker. It would be good to have more clarity around licensing. It's a bit technical for those strictly dealing with budgets. I would like to see a little bit of improvement in the resiliency of the platform. Entra ID has a global point of presence worldwide, however, if one node goes down in a geographical location, it has a global impact. Sometimes even a simple certificate that is not renewed on time can cause global issues. Microsoft should improve global operations and sandboxing. So if one of the nodes is down in Asia, it won't take down the United States as well. The redundancy and the resiliency of the product should be improved over the global geographical scale of the product. In terms of features, at the moment, the solution is covering everything. I don't see a new feature needed aside from improving their API.

As an administrator, we sometimes observe a discrepancy between Microsoft Intune and Entra ID – these are distinct solutions, each with its own licensing subscription. On occasion, these two solutions are combined into a single service, or conversely, certain services might be removed. Such situations can create conflicts for administrators. A few days ago, I noticed that certain aspects like the Microsoft Compliance and Microsoft Security tabs were missing when accessing Entra ID. It appears that some services have been removed from Entra ID and new ones have been introduced, which wasn't communicated to us. I would appreciate receiving notifications regarding the removal of services from specific tabs, along with information about their replacements. This would allow us to plan our logins accordingly. Microsoft offers two portals – the classic portal and the modern portal. When using the classic portal, we promptly receive notifications about its upcoming transition to the modern portal after a designated date. However, no such notifications were provided for Entra ID. In my quest to locate security and compliance checking features within Entra ID, I discovered that the options were seemingly absent. Subsequent Google searches revealed that these features had been consolidated under a single solution. We are receiving false security alerts on the dashboard. We have set up a conditional access policy that restricts access based on the user's location. However, we have observed that there are instances when Microsoft's AI might be generating these false alerts. This is causing users to be blocked from accessing their accounts. When we reached out to these users, they confirmed that they hadn't visited the specified area or country in the last seven to ten days. Despite this, they are receiving notifications to reset their passwords, with a warning of being locked out. Microsoft should work on enhancing its machine-learning algorithm to prevent unnecessary lockouts of users.

Azure Active Directory's single sign-on feature has been helpful because users don't need to authenticate again and again each time they access it. Users only need to sign in the first time, and Azure handles everything. We haven't experienced any errors or security-related issues in the past four years. Many people use our protection servers from outside, requiring multi-factor authentication. Each authentication is logged precisely. In addition to the SSO, Azure AD is entirely flexible. We have other Microsoft services running on-premises, so Microsoft Azure AD allows us to sync other Microsoft services completely. This is perfect for us. Microsoft Entra offers a single pane of glass for managing users and cloud services on multiple platforms. It all requires authentication and validation of user data, so Azure AD helps us to authenticate each user's identity without any security compromises. Microsoft has an excellent administration portal that enables us to sync our on-premise Active Directory automatically with the cloud. Any on-premise policy changes are reflected on the cloud. There are various options for each user on the admin portal. You can change user passwords and other attributes or configure a policy for forgotten passwords. A writeback feature can also reflect changes from the cloud to the on-premise environment. If you change the password from the cloud admin center, it gets reflected here. Microsoft Azure AD Connect has a multi-factor authentication. Multi-factor authentication is a crucial feature, but we only require MFA for specific servers in the cloud. With Microsoft Azure AD Connect, we can specify the users and servers that require multi-factor authentication. Azure Active Directory integrates well with other third-party applications. Third-party hosted solutions have the option. We can even create applications with Microsoft Azure AD. When users log in to Microsoft Azure AD, their credentials are stored in the application, and we don't need to get them on-premise Active Directory. So, it is an essential feature for us.