Microsoft Entra ID Reviews

We have been using Microsoft Enterprise for ten years, and we actually started beginning to really use it about two years ago. Earlier, we had an access manager on the premises, but everything is moving to the cloud. So we are moving our access management and identity management solutions to the cloud as well.

The whole access management solution is valuable. In 2015, we were selecting a new access management solution, and because it was already integrated, we started using it. 

Integration with Defender allows us to get alerts and respond to them by blocking users. Microsoft Entra ID has streamlined and centralized our device management and threat response processes.

We are looking for more customization with BRAIN and everything else, and while they are following up on that, we want some more of it.

We have experienced some downtime because of the use of the data centers.

In Microsoft technical support or Microsoft Denmark, we have an account manager and strategist, whom we contact along with the suppliers who have their own technicians. The experience has been positive.

Positive

Earlier, we had an access manager on the premises before moving to Microsoft Enterprise for cloud-based solutions. In 2015, we selected a different access management solution initially.

Would you rate the overall solution on a scale of 1 to 10? Yeah, excellent. From one to ten, would you mind the call? I think, yeah, excellent.

I am an operational engineer and consultant that assists organizations with their Azure Active Directory implementation. I primarily deal with administrative functions in my day-to-day tasks. I am responsible for creating and configuring Azure AD users and groups, as well as assigning the dynamic membership required by the organization to their users. Another common task is that I set up guest user access for organizations that want to grant access to users on a temporary basis.

For customers that want to use a cloud-based deployment, I can assist them with that. In cases where the customer wants an on-premises deployment then we will provide them with help using AD Connect, which is used for synchronization between cloud-based and on-premises data.

This solution helps to improve security for our clients using a specific directory structure and by using a variety of options. There is a default directory, which is owned by Microsoft, and in there you can create custom directories for your use. 

There is a panel available for the administration of users, groups, and external identities. 

Options are included for uploading your on-premises applications to the cloud, and they can be registered with Azure. This means that you can also create your own applications.

Identity governance is available for paid users.

Using Azure Active Directory has benefitted several of my clients, with an example being a startup organization. Startups have three or four things that they need to do in order to begin work. First, they need a domain, and after that, they need a DNS record to be created for their domain. For instance, these services are provided by godaddy.com or similar vendors. Once these steps are complete, they connect to Azure AD with the help of the DNS record that was created. At this point, Azure AD performs the role of a Platform as a Service. Once Active Directory is connected and verified, you can create the users and groups, and begin managing your processes. 

These are the only steps that are required for a startup. For an enterprise that wants to migrate its on-premises data to the cloud, there are several additional steps. For instance, you need to create a virtual machine and install your server. Alternatively, if you already have a server, it can be connected with the help of AD Connect.

This is a good solution for end-users because the vendor provides good documentation and if the users experience errors or issues, they get a popup alert to explain the problem. Furthermore, it can provide a solution to resolve the issue.

The most valuable feature is Identity and Access Management. As an IT administrator, this feature allows me to manage access for users and groups.

This product is easy to use and easy to manage.

The application policies, licensing, and AD Connect options are valuable.

Multifactor authentication provides more security. Having a user ID and password is compulsory but after that, you can add different security features. For example, it can work with biometrics such as fingerprints, retinal scans, and facial recognition. There are many more options that may suit you better, as per your requirements.

When you log in to the Azure portal, there is an option available called Resource Groups. Here, you can add multiple things including printers and different servers. There are Windows servers available, as well as servers hosting many different flavors of Linux. Once a server is created, you can add in a database, for instance.

There are four levels of subscription and the security features are not available for free. At the free or basic level of service, Azure should provide identity protection features including single sign-on and multifactor authentication. These are the most important features for organizations and everybody should be able to utilize them for working remotely.

I have been working with Azure Active Directory for approximately three years.

Worldwide, Azure has many servers available and in fact, they are the largest cloud organization in the world. As long as you are paying for the service, you don't have to worry about availability. There is a Microsoft backend team available that can provide you with what you need.

The availability is the best in the cloud industry.

You don't need to create or manage your own infrastructure, as it is handled by the Azure team. Also, through the Azure portal, you can add databases.

This is a scalable product. You can scale it to any number of users and any number of servers, and there is no issue. As your organization grows day by day, you can increase your users, your databases, and compute services including RAM, CPU, and networking capabilities. This will ensure availability on the platform.

If you are part of a very large organization, with between 50,000 and one million users, then you might generate between 500 and 1,000 terabytes of data each day. You have two options for uploading this data to the cloud, including an online option and an offline option. In the online option, you use a gateway. The offline option includes Data Box, which is a device used to transfer your data. These hold 800 terabytes and above.

I have not used technical support from Microsoft myself. However, it is available and they can provide proper resolution to problems that people are having.

The support documentation that is supplied on the web page is very good. If anything changes then there is a section for notes in the documentation that explains it.

Using technical support is a more cost-effective solution than hiring somebody to maintain the product full-time.

The initial setup is not a complex process. It is simplest in a cloud-based deployment and it will not take much time. If your current server is on-premises then you only need two things. One is your enterprise domain users, which have full access permissions. The other is a global administrator on the cloud side. Both sides need to be integrated and this is done with the help of Azure AD connect. Once this is complete, you can have interaction between your on-premises data and cloud data.

It is helpful to have a basic level of understanding of the product prior to implementing it.

We provide support to our customers, depending on the error or issues that they are having.

There are four different levels of subscription including the free level, one that includes the Office 365 applications, the Premium 1 (P1) level, and the Premium 2 (P2) level. There are different options available for each of the different levels.

Everybody can get a one-month free trial.

This product is cheaper than Amazon AWS and Google GCP.

I do not use the other Active Directory solutions, although I do check on them from time to time. One thing I have noted is that the Google platform charges you on an hourly basis. In the case where you need a virtual machine for only one or two hours, this is a good option. However, if you forget to log out of your machine, then the cost will be large.

AWS provides you with a one-month free trial so that you can test using the resources.

At this time, Azure AD is the biggest cloud Platform as a Service that is available. They have 60+ cloud data centers available worldwide, which is more than any other organization. It is a service that I recommend.

My advice for anybody interested in this product is to utilize the free trial. Microsoft will not charge you anything for the first month. They will also give you a $200 credit so that you can use the services.

I would rate this solution an eight out of ten.

Entra ID is used to authenticate users and applications. 

Entra ID has helped us implement role-based authentication rather than conditional keys. It has made our entry point and access more secure. Entra has improved our Zero Trust platform, but I can't go into the details about how. 

It has improved our attack response slightly because we now have a better idea of what's happening and what we see in the logs. 

Entra ID provides an excellent overview of the applications and the options applied to them.

There are areas for improvement, particularly when moving between tenants. If we create a new tenant and try to set it up under the same organization, it becomes extremely difficult. A recent incident we dealt with took four months to resolve with a seven-day deadline, which was quite frustrating.

I have used Entra since it was released, and we also used Azure AD before it got renamed.

Stability has been questionable sometimes. We've had a few outages which have caused us some concern, and it's a critical solution that we can't do without.

There isn't much that can be done for scalability other than considering an alternative provider, which we have thought about at times.

I rate Microsoft support eight out of 10 in general, but they let us down when we were moving tenants. We were pretty upset with them.

Positive

We always used Azure AD and then Microsoft Entra ID.

Overall, some areas showed more return on investment, while others less so.

I rate Entra ID eight out of 10. 

Microsoft Entra ID serves as an identity protector and service privilege manager.

It has enabled my organization to build a secure environment for user login and asset access. We can enable secure user logins and access to assets.

When we implement app access with Microsoft Entra ID, it gives us confidence that we have secure authentication for our applications.

With privilege identity management, we can grant or escalate rights to a role for a short duration of time and not forever. It is a great feature. It is useful to validate the escalation of privileges. 

Federation on access service principle and the ability to be passwordless in certain use cases are valuable. Federated identity management is a great feature for the zero-trust model. 

Microsoft Entra ID could benefit from more fine-tuned rights. It is necessary to prevent granting an application or user broad access rights. A more precise approach would allow for specific rights, limited to certain contexts within the organization.

I have been using Microsoft Entra ID for three years.

Microsoft Entra ID efficiently responds to numerous requests, and we have not faced significant connectivity issues, making it reliable.

Their customer support is good.

Positive

I have not used any other solution. I was previously using Azure AD. About two years ago, it was renamed to Microsoft Entra ID.

I would rate Microsoft Entra ID a nine out of ten.

We use the solution for sign-on authentication to our devices.

During the pandemic, we were able to smoothly shift our employees to work from home. Azure Active Directory played a crucial role in ensuring the security of our systems by verifying the identity of the authorized personnel logging in.

We started using Azure Active Directory because it helped our IT administrators and department save time, which was one of the main reasons.

Azure Active Directory saved our organization money.

Azure Active Directory significantly enhanced the user experience for our employees. We observed a notable increase in employee usage and positive communication regarding their experience, particularly after the pandemic.

The two-step authentication is the most valuable.

I would like to have an additional security option to prevent spam.

The price has room for improvement.

I have been using the solution for five years.

The solution is extremely stable.

The solution is highly scalable. We are a school district that is compromised of seven schools. The solution is implemented in multiple locations, and we have over 200 employees and 1,600 students.

The technical support is good. They are always responsive and provide quick resolutions.

Positive

We were using Office 365 but all of the employees started to use their personal emails which affected security so we added Azure AD.

We obtained certification for the deployment of the solution. Microsoft provided a document outlining all the deployment rules and steps, as well as a planning team that provided instructions for all email templates. The deployment required three people.

The implementation was completed in-house.

We have seen a return on investment using Azure AD.

We are currently on the education plan, so the price is slightly better than the development plan. However, I believe there is room for even better pricing.

We assessed Google Cloud Identity but ultimately chose Azure AD due to the Microsoft product familiarity among our team. We believed the transition would be smoother, which has been confirmed. Moreover, since not everyone was using Gmail, it would have been challenging for them to learn a new system. However, at that time, everyone in our school was using Microsoft products.

I give the solution a nine out of ten.

We have a full-time IT staff and part of their role is to maintain the solution.

Azure AD is an excellent and highly stable product. Its user interface is intuitive for those who have prior experience with Microsoft products. With some training, deployment can be carried out successfully. Our deployment experience was hassle-free, but the pre-training we received proved to be very helpful.

We use it for the single sign-on to different products that we have, and it works pretty well.

In general terms, we use it as an admin tool. If we want to set up accounts for people, it's easier for us to do it like this because everything is connected to different groups.

It's a very intuitive platform. It's easy to create groups and add people.

I have used Okta in the past. Okta is easy to use, and it's also very friendly. Even users who have no tech experience would be able to use Okta.

When it comes to Azure, creating certain things or getting different resources isn't very clear. You need a certain level of knowledge of the system. It could be a little bit more friendly so that some of the things can be done easily, but after everything is created, it's easy to use.

I've been using this solution for five years. In this company, I've been using it for two years, and before that, I used it for about three years.

It's good. It has never hung up.

They're good. We don't have issues with scalability because we are not like Amazon or other companies that are super huge and have got tons of traffic.

I don't handle it directly now, but based on my previous experience, they're pretty fast. I'd rate them a 10 out of 10.

Positive

There was probably the Google management system, but it works similarly to Azure AD. 

I was not involved in its deployment.

In terms of our environment, it's a private cloud. We have the infrastructure within the platform, but all the software, all the usage, and other things are handled by us. We're private because we're a big company, so we're able to afford it. We're not an IT company, so we don't need so much processing power. So, we use Azure as a PaaS solution.

We use it as a connector for different applications. We have Adobe Sign and applications on AWS. AWS has a translation solution, and people have accounts over there. They have their translations of different products and things like that. That's how we use it.

In terms of maintenance, everything is done by Microsoft. We are just the end users.

The return on investment is easier to calculate with Okta. It's a bit complicated to calculate in the case of Azure. Of course, Azure is already a trusted platform. It's pretty big, and it's handled by Microsoft, so there are no issues with that, but it's easier to check the return on investment with Okta.

I'd recommend Azure Active Directory if you are a big company. For small or medium companies, it's probably not the best idea in the world because of the pricing. If you are a small company, you can probably deploy your own solutions because you're not handling a website with tons of traffic. If you are not like Adidas, Nike, or Walmart, you can do it in a way that is more localized than handling everything through a big price solution. However, Azure tends to provide you with solutions that are easier to use. If it was cheaper, I'd definitely recommend going for it.

I didn't evaluate any other solution. 

I'd rate Azure Active Directory a 10 out of 10.

My primary use case is Azure SSO. Then, it is a hybrid synchronization of users and computers, and also for SCIM provisioning.

Using this product has helped improve our security posture. I don't handle security directly, but I know that our security team was able to identify logs containing erratic behavior, such as logins that were not authentic. They were able to identify and solve those problems.

This solution has improved our end-user experience a lot because previously, users had to remember different passwords for different applications. Sometimes, the integration with on-premises AD was a little bit difficult over the firewall. However, with Azure, that integration has become seamless. The users are also happy with the additional security afforded by multifactor authentication.

One of the benefits that we get from this solution is the Azure hybrid join, where my presence of the domains is both on-premises and on the cloud. It has allowed us to manage the client machines from the cloud, as well as from the on-premises solution. We are currently building upon our cloud usage so that we can manage more from the Azure instance directly.

Our cloud presence is growing because most people are working from home, so the management of end-users and workstations is becoming a little challenging with the current on-premises system. Having cloud-based management helps us to manage end-users and workstations better. This is because, with an on-premises solution, you need a VPN connection to manage it. Not all users have a VPN but for a cloud-based solution, you just need the internet and almost everyone now has an internet connection.

The most valuable feature is the single sign-on, which allows any application that is SAML or OAuth compatible to use Azure as an identity provider for seamless sign-in.

I like the SCIM provisioning, where Azure is the single database and it can push to Google cloud, as well as Oracle cloud. This means that the user directory is synchronized across platforms, so if I am managing Azure AD then my other platforms are also managed.

In a hybrid deployment, when we update the UPN or email address of a user who has license assigned, it does not get updated automatically during normal sync. This means that we have to update it manually from Azure, which is something that needs to be corrected. Essentially, if it's a hybrid sync then it should happen automatically and we shouldn't have to do anything manually.

Azure AD DS allows only one instance in a particular tenant, which is something that could be improved. There are people that want to have AD DS on a per-subscription basis.

I have been using Azure Active Directory for more than three years.

Other than a few global outages, I have not seen any specific outages to the tenant that we use. In the typical case, we haven't faced any issues.

The scalability has been good. For the infrastructure that we have developed, there were no issues. We have nothing in terms of abnormal outages or any abnormal spikes that we have observed. Overall, scalability-wise, we are happy with it.

We have thousands of users on the Azure platform. The entire organization is on Azure AD, and everyone has a different, specific role assigned to them. Some people are using the database, whereas somebody else is using other infrastructure service, and the same is true for all of the different features. We have different teams using different features and I am part of managing identities, which involves using Azure AD and its associated features.

The support from Microsoft is very good. I would rate them a nine out of ten. They are responsive and very knowledgeable.

Prior to Azure AD, we used on-premises Active Directory.

The initial setup was not very complicated because there are very good articles online, published by Microsoft. They give detailed steps on the process and including what challenges you may face. In our setup, the articles online were sufficient but suppose you run into any issues, you simply reach out to Microsoft for support.

Taking the purchases, planning, and everything else into account, it took between three and four months to complete the deployment.

Our in-house team was responsible for deployment. In a few cases, we reached out to Microsoft for support.

We have not evaluated other options. The reason is that the integration between Azure AD and on-premises Active Directory is seamless and easy. Both solutions are by Microsoft.

My advice for anybody who is implementing Azure AD is to consider the size of their environment. If it's a large on-premises environment then you should consider a hybrid model, but if it's a small environment then it's easy to move to the Azure cloud model directly. If it's a small environment then Azure AD is also available on a free license. This is how I would suggest you start looking at having a cloud presence.

Azure AD is easy to integrate and manage, and it will reduce your capital cost a lot.

In summary, this is a good product but there is always scope for improvement.

I would rate this solution a nine out of ten.

I use this solution as an identity platform for Microsoft Applications including Office 365. We have found that users have third-party applications for authentication using an integrated identity infrastructure.

The most valuable features of this solution are security, the conditional access feature, and multifactor authentication.

The conditional access policies allow us to restrict logins based on security parameters. It helps us to reduce attacks for a more secure environment.

Multifactor authentication is for a more secure way of authenticating our use.

All our on-premises identities are synchronized to Azure Active Directory. We have an advanced license that enables conditional access based on logins, and suspicious behaviors. 

Active Directory is able to determine if a particular user signing in from a trusted IP or if there are two different sign-ins from two different locations. It will flag this latter incident as a potential compromise of a user's account. 

In terms of security, it provides us with the features to alert us if there are any fraudulent attempts from a user identity perspective.

It provides access to our Azure infrastructure and allows us to assign roles and specific aspects to different subscriptions. It has several built-in roles that you can assign to individual users based on their job scope. It allows for granular provisioning.

With onboarding applications, you are able to register applications in Azure Active Directory, which allows you to use it as a portal for access as well.

Azure Active Directory enhances the user experience because they do not have various IDs for different applications. They are using one single on-premises ID to synchronize and they are able to access various different applications that are presented to them.

If you have a new application, you will export the application within Azure AD and we add access to those who need that application and you are able to use the corporate ID and password to access it.

Azure Active Directory is a good platform for us. We rely heavily on providing our users a good system and interface that we seldom have issues with.

The management interface has some areas that need improvement. It doesn't give you an overview similar to a dashboard view for Azure Active Directory. The view can be complicated. There are many different tabs and you have to drill down into each individual area to find additional information.

There are too many features available, more than we can use.

I have been using Azure Active Directory for three years.

It's quite stable. There are no issues with the stability.

The identity platform is quite robust.

It is very scalable. We have deployed it globally for approximately 10,000 users and experienced not many issues. In fact, we have not encountered any issues so far.

Generally, we don't have issues that require technical support. We have multiple domains within the Azure AD and we had an issue where SharePoint users were not able to access the domain.

We had a prompt response and were able to identify what the issue was. We were given specific tasks which led to resolving the issue.

I would rate the technical support a nine out of ten.

Previously, we did not use another solution. Primarily it was an on-premises Active Directory that we synchronized to the cloud.

The initial setup was completed by a separate team.

We have five global administrators who are primarily responsible for providing access and assigning roles for all the various different groups and teams that have different subscriptions, and they will manage their subscriptions based on the roles that they are assigned.

In terms of deployment, Active Directory ensures that there is express route connectivity from an on-premises data center to Azure and ensures that there are sufficient redundancies in Azure Active Directory Connect Servers and Domain Controllers. 

We have seen a return on our investment. I would say that it is one of the key components of our identity solution

The pricing is very flexible. There are a few tiers of licensing, and it is a part of an enterprise contract.

It is bundled with other services and the pricing is quite reasonable.

We did not evaluate other solutions.

I would strongly recommend implementing Azure Active Directory.

For new organizations, it would be best to start implementing directly on the cloud, and for our existing organizations who have on-premises solutions, it would be seamless to synchronize the on-premises user with the cloud and use that. 

I would rate Azure Active Directory a nine out of ten.