Microsoft Entra ID Reviews

We use it for access and identity management.

Microsoft Entra ID has improved the way we administer the technology. One strong capability is our ability to use single sign-on. Using identity is an important component of our security, so we have been able to consolidate. Instead of having to manage users for different applications, we use single sign-on. We use Microsoft Entra ID to be the core of identity management across all applications. We have the capability to do so, so it reduces the burden of onboarding, offboarding, and giving different permissions because we have a centralized way to handle that.

Microsoft Entra ID does a pretty good job of providing a single pane of glass for managing user access. For zero trust and the more modern security approaches, it is key to have a single pane of glass. We are able to be very regimented and have processes that are repeatable and reproducible. It provides that consistency, so it is easier to be very consistent.

Microsoft Entra ID has helped to save time for our IT administrators, but I would have a hard time quantifying that. We do not have a lot of users. We are dealing with hundreds of users and not thousands or tens of thousands of users. We are able to use logic and rules to handle most permissioning versus having to do administrative things manually. There is less touch. We touch it only when we have to troubleshoot. If we have a good set of rules, it handles what we need to handle.

The user management groups are valuable. It is a pretty basic product, but user management, in general, is valuable with the ability to differentiate between business lines and add different policies, group-based management, and dynamic user groups.

Allowing for more customization would be very useful. There is a limited metadata capability. When you look at a user, there are only six pieces of information you can see, but organizations are way more complex, so having that metadata available and being able to use that for dynamic user groups and other policies would be very helpful.

We have been using Microsoft Entra ID for six years.

For the most part, it is very stable. I am not worried about its stability.

It is very scalable.

Typically, the people who provide us support want to provide good service, but overall, there is a lot of room for improvement because the subject matter experts basically follow the script, and sometimes, they neglect to listen to what we are asking for. We would have already gone through the steps, and we explain it, but we have to repeat ourselves multiple times.

In my past experiences, I have used Okta and the other ones. In my current organization, I have not used any other solution. When I came in, thankfully, we had Azure AD. We stuck with it, and we made that the primary. It is not perfect for sure, but it works very well in the Microsoft ecosystem. It works well together with Intune and other Microsoft solutions. Because we have a single stack in Microsoft, it works very well with Intune. In the past, I have had different identity and access management, and then you have interoperability issues. Even though Microsoft Entra ID is not perfect, there is less of that. You get one vendor, and usually, things work out eventually.

I was not involved in its deployment in my current organization, but I was spearheaded into bringing from a basic use case to a lot more security and a lot more automation and manageability.

Initially, the initial setup was very basic, and then we modernized it and improved it. We used a lot more policy, and dynamic user groups were a big aspect of that single sign-on in the app management, app registration, and various other aspects.

We took a little bit of external help to make sure that our approach was optimized.

It is difficult to quantify that. Because there is the cost of switching, usually, it ends up being a wash.

Pricing could always be better. You pay the premium for Microsoft. Sometimes, it is worth it, and at other times, you wish to have more licensing options, especially for smaller companies.

We are currently not evaluating other options.

I would rate Microsoft Entra ID an eight out of ten.

We migrated about 3,000 computers from on-prem Active Directory to Azure Active Directory or Azure AD. 

These are still early days, but we are certain that it will improve our organization as we move away from on-prem Active Directory.

It provides a single pane of glass for managing user access, but we have to get more into it to be able to say that for sure. We have got so many different tools. It would be nice to have less tools. We are starting to take a look at how to consolidate tools.

It will definitely help to save time for our IT administrators.

It has not yet helped to save our organization money. It is too early for that.

The way the laptops are joined is valuable. We can take advantage of that in terms of being able to log in and do things. It is easier to change passwords or set things up.

I would like to dive into some of the things that we saw today around the workflows at this Microsoft event. I cannot say that they need to make it better because I do not have much experience with it, but something that is always applicable to Microsoft is that they need to be able to integrate with their competitors. If you look at IDP, they do not integrate with Okta.

I have been using this solution for about six months. It was not called Entra ID then. It was called Azure AD.

Our dealings have been fine. We do not deal with them so much. When we have to open something, our account managers help us out.

We were on on-prem AD. We moved to Azure AD because of a merger. We were purchased by a larger company, so we are moving on to their domain.

It was in the middle of the road. It was not the easiest thing, and it was also not the hardest thing.

We took the help of a company. They did a good job. They helped us to move a huge amount of data.

It is in line. Because we are so early, we have not had to come back on a cycle where we are having to negotiate again.

I would rate Microsoft Entra ID a nine out of ten. It is very good.

Microsoft Authenticator is a third-party application used to authenticate users in our Microsoft environment, such as accessing emails or applications like Excel, Word, or any other application. It is also used for online login purposes. The configuration process is simple from the admin side; we just need to enable it for the user. The user will receive a notification on their mobile device and then needs to download the Microsoft Authenticator app. They can add their account by entering their username and password. Once this is done, the configuration is complete.

While using any applications in the environment, users need to authenticate using Microsoft Authenticator. They will receive a one-time password that expires in thirty seconds, which they must use for authentication. One advantage of using Microsoft Authenticator is that it ensures the security of user accounts. Even if someone tries to hack or authenticate into another person's Microsoft account, they will be unable to do so without the password. The user will receive a notification if someone attempts to access their account and can choose whether to grant them access or not. If any unauthorized access is detected, we will investigate to identify the person behind the authentication attempt.

Microsoft Authenticator is highly secure. It is connected to its own servers. Using this application employs encryption methods, and the user has the right to access it. Additionally, we can utilize the biometric fingerprint tool for authentication, ensuring that only one person has access to it. This feature is extremely beneficial.

The cost of licensing always has room for improvement.

I have been using Microsoft Authenticator for three years.

Microsoft Authenticator is scalable.

The initial setup is straightforward. We downloaded it from the Google Play store and used a name and password. That's all it takes, and we're ready to go. The configuration duration is set on an admin site, but the actual configuration must be done on the end devices themselves. This can include mobile devices, tablets, or any other device that we can use, and takes about ten minutes to complete.

We have observed a 60 percent return on investment with Microsoft Authenticator, which provides us with peace of mind, knowing that there is no unauthorized access occurring.

Microsoft Authenticator is included in the package when we purchase a license from Microsoft.

I rate Microsoft Authenticator ten out of ten.

We have 120 users. The solution is used daily and is required whenever a Microsoft account needs authentication to ensure that only the data owner or email owner has the proper authentication to access the mailbox or application.

I will advise people to continue using the Microsoft Authenticator because it provides security and data protection. From a cybersecurity perspective, it is beneficial to use the Microsoft Authenticator for the authentication of Microsoft products.

We primarily use the solution for most of our enterprise identity management. 

It's improved our company through the security policies. It's helped improve our security posture. 

It's pretty easy to implement. In most of the apps nowadays, it has the ability to use multifactor authentication, SSO.

The control is great. It offers good conditional access.

It helps with managing user access via one pane of glass in most cases. 

The security policies we are applying are pretty well structured. 

The solution is nice to use. Microsoft did a good job.

My assessment on Microsoft EntraID admin center for managing all identity and access as our organization. It's great. It's very well organized, pretty straightforward, and easy to use. It's not just that it's easy to use, it's very intuitive. Everything is easy to find. 

We use Microsoft Entra ID conditional access features and improve the robustness of our zero-trust strategy to verify users. 

The permission management feature is good. 

The visibility and control are very good. The whole intro ID concept is pretty intuitive. Even if you have never used this and you have some experience in IT, you will be able to handle the solution easily.

It's helped our IT department save time. It also helps with speeding up processes. I can't speak to the exact amount of time saved per week, however.

The solution helps the company save money. 

It's positively affected the employee user experience. 

It's just been renamed. That said, I can't speak of room for improvement. There may be areas that could be better, however, I haven't thought too much about that. 

I would change the device access a bit. It's very difficult. I would add some features. I would like to be able to authenticate Wi-Fi users using the Azure ID. However, my understanding is it needs to be from both sides, from the vendor that is creating devices for the Wi-Fi and for the networking part and Microsoft. 

The company has been using the solution since before I arrived. I have used it for around four or five years. 

The solution is stable. I've never seen big issues. It's pretty much a stable product. 

Sometimes Microsoft has small issues, however, nothing that would cause the entire company to not be able to work for a whole day. 

More than 1,000 people are currently using the solution. 

It is a scalable solution for sure. 

I've never used technical support. 

I've used a few different solutions. Mostly I've used Active Directory. It does the same thing; it has just been renamed. 

I was not a part of the implementation. It was done before I joined the company. 

It may require a bit of maintenance, however, it's not a task that is part of my department. 

I don't deal with pricing. It may state the cost online. 

I did not evaluate other options. 

I'm a user.

I'd rate the solution nine out of ten. I'd advise others to use it. Even the free tier has a lot of features that even a small company would benefit from. 

We use it as the Active Directory on the cloud. We have the systems on-premises and on the cloud. We connect the AD data to Azure. We have a single sign-on service on multi-cloud. We use the single sign-on feature on, for example, AWS.

In terms of the version, we use it as a service, and it is always updated to the latest version. 

Microsoft Entra ID helps to synchronize information from on-premise Active Directory. There are security features such as multifactor authentication. We can also use a single sign-on to connect with the other application on the cloud. 

It helps our admins to have more security. It is helpful for authentication methods, log checking, and audit trails in case of security concerns. However, it has not saved them time.

Microsoft Entra ID has not helped to save our organization money, but it helps to improve security.

The security features, multi-factor authentication, and service management features are valuable.

Microsoft Entra ID provides a single pane of glass for managing user access. Its menus are properly categorized, and they make it easy to use for our work and processes.

One thing that they need to improve is the cost. It already has a lot of features, but more protection of the identity would be beneficial for customers.

I have been using this solution for three years.

It is stable.

It is scalable. In our environment, we mostly have Microsoft solutions such as Microsoft 365, email, OneDrive, SharePoint, Power Apps, etc. Entra ID is deployed across multiple locations for multiple users. We have a Microsoft 365 license for all employees. We have two admins who take care of configuration and monitoring for security and data loss prevention. 

We have plans to increase its usage.

I have not contacted their support.

We did not use any other similar solution previously.

I was not involved in its deployment. 

It is costly.

I would recommend this solution to others. Overall, I would rate Microsoft Entra ID an eight out of ten.

It's something that we use every day. We're migrating all of our customers over to it.

We use it for Office 365 and Azure services.

It's a cloud service. You do not depend on local identities. You can just synchronize the identities. It gives you the opportunity to use the security services that come with Office 365 and Azure. 

It does offer a single pane of glass for getting into all applications. However, we have some customers that have a hybrid environment and it depends on what applications and if the client wants them authenticated with Azure or not. In general, it's been positive for the final user experience.

We do have to manage identities on-premises in Azure and have one point of entry and the solution allows for that.

We use conditional access. That's a must for customers - to be able to verify users and devices. It helps with initiating a zero-trust policy. It's one of the main functionalities we really like. You can get granular with the policies in terms of access. 

We use conditional access in conjunction with Endpoint Manager. We also push Endpoint Manager as a solution to work with devices. That's also something that we try to push to the customers in any project. Most of the time, they go with it and like the idea of being merged with which are Endpoint Manager. Sometimes there are some customers, small customers, that maybe don't want to use that. Our position is to always use an endpoint manager.

It's helped out IT managers a lot in terms of the features on offer. I'm not sure of the exact amount of time that has been saved in general. I'm not involved in the day-to-day management from a customer's perspective. 

It's had a positive effect on the user experience. I'd rate the improvement nine out of ten. 

Support could be improved.

Okta has had more time in the business than Microsoft. I hope, in the roadmap, Microsoft eventually offers the same features as Okta. It will take some more time to mature. 

I've been using the solution for five years.

The solution is scalable. 

Customer support is good. However, it could be better sometimes. They do answer fast, however, the resolution itself is not fast. The first level of support will most likely have to move the issue to level two or three technicians and that process makes the resolution take longer.

Positive

I did not previously use a different solution. I deal strictly with Microsoft. I don't deal with any other companies. I'm dedicated to Microsoft. 

I was involved in the deployment process. It's easy for someone who's done it many times. 

In my department, we have ten to 15 colleagues that can handle these migrations or synchronizations. 

It's an easy product to maintain. 

We do have a customer that has Okta, and while we don't deal with it directly, we know what it does. We don't use it. Okta has specific features that are different from this product, however, it's not something we sell. For example, Microsoft can synchronize users from local to Azure, and not vice versa. Okta can do that, however. Also, the management lifecycle feature in Microsoft isn't as robust as Okta. 

Okta does have a lot of models, as does Microsoft. In both cases, depending on what you need, there would be a different license. 

There are not too many companies that have Okta in Spain, however, those that have would have many environments across AWS, Google, et cetera - not just Microsoft.

We're integrators. We don't use the solution ourselves. 

We do not use Permissions Management. I'm not sure if it is one functionality or a combination of several. 

I'd rate the solution eight out of ten. 

We sync up our on-premise Active Directory with Azure AD and use it for app registration. All of our cloud-based DevOps activities use Azure Active Directory.

Azure Active Directory has many automation capabilities, and you can apply policies on top. You can do a lot of things with these combinations and integrate other tools like PingFederate. We've likely saved some money, but I don't know how much. 

The solution has made our environment more controlled and robust. At the same time, functions become more challenging for users when you add more controls and multi-factor authentication. However, these measures are essential when you're dealing with a complex environment that crosses multiple regions and cloud platforms. 

I like Azure Active Directory's integration with GT Nexus, and it improves our overall security. Azure AD enables us to manage user access from a single pane of glass. We use single sign-on and multifactor authentication. Teams are required to have Authenticator downloaded on their devices. 

We use Azure AD's conditional access feature to fine-tune access controls and implement a zero-trust policy using authentication tokens. The calling application needs to verify those tokens. The tokens contain information that the application needs to verify. Every application or user needs to be registered in the system to access it.

In Azure AD, applications either use the managed identity or ARBAC for permission control, and we use SaaS on top of that. Policies can be used if there is anything else infrastructure or access-related. 

Permission management works the same way across all cloud platforms. You can have granular or course-grade permissions. It depends on what you want to use and how you want to use it. I'm on Azure, so I know how they use it. 

Azure AD could be more robust and adopt a saturated model, where they can offer unlimited support for a multi-cloud environment.

I have used Azure AD for two years. 

I rate Microsoft's support a nine out of ten. We are preferred partners, so we get high-priority support. 

Positive

I rate Azure Active Directory an eight out of ten.

I am using Azure AD to assist a client with COCC level one and level two certifications. The primary use of the solution is its conditional access feature to enforce fine-tuned and adaptive access controls. The robustness of a zero-trust strategy to verify users has helped in implementing zero trust right now.

The client has to have a clone network storage and manage the services it provides to the handful of people he works for. The control and identify data do what it is supposed to do, as advertised, but the client is not utilizing those features.

The security and compliance features are very helpful. The online information on the site is well documented.

One thing I would like to see is when you're doing control measures if you could globally apply them instead of going through every user individually. I looked at this problem twenty years ago, and it has stayed the same. In twenty years, it's still the same one by one. The default is whether you get group permissions or role-based assignments, you still have to go in individually to everyone every time, which is cumbersome to me. My problem with Azure AD is that it's designed for medium to large systems, and we're not that large.

I rate it an eight out of ten.

I have been using the solution for less than a year, and the client that I'm consulting with has been using it for about four and a half, five years.

It is a stable solution.

Since we're starting with three people, it's probably not going to grow to more than ten people in the next five years. So the scalability is fine for my client's needs.

We have not contacted Azure's technical support.

The initial setup was straightforward. The client has got three people working for him.

For a small business buying individual licenses, it is an affordable solution.