reviewer2013432 - PeerSpot reviewer
Lead System Engineer at a media company with 501-1,000 employees
Real User
With Conditional Access we can block Windows XP machines and legacy applications and prevent phishing by blocking regions
Pros and Cons
  • "Two very important features in terms of security are governance and compliance through the Conditional Access policies and Azure Log Analytics."
  • "From an admin perspective, I would like to see improvement in the Microsoft Graph API."

What is our primary use case?

We use Azure AD to implement Conditional Access policies and privileged access management.

How has it helped my organization?

There are plenty of benefits. First, as we had Microsoft AD on-premises, it was very easy to configure Azure AD. We are using the password hash sync for authentication, so authentication on the cloud is very seamless when users use applications on the cloud. That is very important.

Also, with the help of sign-in logs, we are getting information about every application, such as where a user is trying to log in and from which device, making things very crystal clear. We get this type of transparency and accuracy only from Azure AD.

We use the Conditional Access feature to fine-tune access. We implement a lot of access policies. For example, we want to get rid of client machines with Windows XP and some legacy applications, so we created access policies to prevent logins from those devices and those applications. We have also created policies to prevent logins from certain areas around the world. These abilities are very helpful in preventing phishing and scams.

In addition, there are so many tasks and activities that are automated in Azure AD. For example, we have enabled the password reset self-service so that users can reset a password themselves and log in to their accounts. That is one way it saves time for our help desk team. It no longer requires the help desk. From an administrative perspective, it's very convenient for us to manage and maintain the users of the organization. Azure AD is saving us 10 to 12 hours per week, and that's for just one person who would otherwise be responsible for resetting passwords.

The solution has also prevented so many potential cyber attacks, and that has saved us money. And by saving man-hours, we have saved money. Thirdly, we have been able to reduce manpower. I would estimate it has saved us 20 percent in terms of costs.

Another benefit is that, from a user perspective, it is very smooth and easy to sign in to all the Microsoft applications with the Azure AD sign-in. The UI is very intuitive for Microsoft accounts, so it's very easy for them to log in. We also have single sign-on enabled for desktops, so whenever a user signs in to an application on their machine, they don't need to sign in again and again. With the help of the same token, all other applications can be opened easily.

What is most valuable?

Two very important features in terms of security are governance and compliance through the Conditional Access policies and Azure Log Analytics.

Also, Azure AD provides a single pane of glass for managing user access.

I mainly work with the Microsoft Security portal so I can get access and privileges to maintain all the security policies, including Conditional Access policies and privileged access management for just-in-time access, as well as Azure AD sign-in logs. These factors are very important.

When it comes to managing identity, we have E5 licenses. We are using every application from Office 365, so it is very easy for us to manage identity with the help of all those applications. We are also using third-party applications that are integrated with Azure AD and that makes access management easy.

What needs improvement?

From an admin perspective, I would like to see improvement in the Microsoft Graph API.

Buyer's Guide
Microsoft Entra ID
June 2025
Learn what your peers think about Microsoft Entra ID. Get advice and tips from experienced pros sharing their opinions. Updated: June 2025.
861,524 professionals have used our research since 2012.

For how long have I used the solution?

I have been using Azure Active Directory for six to seven years.

What do I think about the stability of the solution?

There are some bugs that we find monthly or quarterly, but all the bugs are fixed by Microsoft.

What do I think about the scalability of the solution?

It is scalable.

We have it deployed in Europe and there are about 15,000 users.

How are customer service and support?

I received good technical support when syncing on-premises users to Azure AD. It was very smooth. But for help with Conditional Access, I got poor support.

How would you rate customer service and support?

Neutral

Which solution did I use previously and why did I switch?

We had on-premises AD and then we introduced Azure AD. We synced all the users from on-premises to Azure AD. Then, with Office 365, we installed Exchange Online and Teams. For single sign-on we have ADFS [Active Directory Federation Services] on-premises, but now we are migrating our applications to Azure AD SSO for single sign-on.

How was the initial setup?

The initial deployment was very straightforward. It only took a day to deploy. The plan was first to get information about our on-premises Active Directory users, computers, and groups, and then we had to determine how many licenses and which types of licenses we needed for those. We also had to think about which type of authentication method we were going to use.

Our deployment involved three to four people.

Maintenance is just checking for updates.

What's my experience with pricing, setup cost, and licensing?

Personally, I feel Microsoft is very costly compared to other products. That is also what management is thinking. But when we consider security and support, Microsoft is better than any other product. It is somehow justified, but I feel it is costly.

Which other solutions did I evaluate?

I have worked with Okta but for single sign-on only. It does not provide all the features or meet all our demands.

What other advice do I have?

If you want secure data and secure identities, go for Microsoft Azure AD.

Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
Solution Architect at Komatsu
Real User
Great single sign-on provision, easy to deploy globally, and issue-free
Pros and Cons
  • "The best feature is the single sign-on provision for the various types of users."
  • "Technical support could be better."

What is our primary use case?

The primary use case is for the authentication of the users. We actually onboarded around 3000 to 4000 users at our go live, which are various application users from across the US and the other regions.

What is most valuable?

The best feature is the single sign-on provision for the various types of users. That is our sole purpose for working on that and utilizing that service, as creating a custom solution for a single sign-on would be difficult when we have around 50 applications within our company that have been used by users across the globe. That includes North America plus Europe, Russia, and the Middle East. It is very difficult and complicated to do things on our own. Instead of doing that, we just acquired the service from Microsoft for single sign-on, and for that purpose, we are using the Microsoft Azure Active Directory authentication.

What needs improvement?

From our utilization perspective, they are providing almost everything. That said, the customization, like the data sharing between the application, is something that needs to be improved from their side. For example, we are sharing certain types of data. We have a container application structure, so we have a single sign-on application where we are using the Active Directory authentication, and when the user clicks on that application, the information of that user is passed to the child application, and the child application does not authenticate the user again. That is a single sign-on concept, which is available across 50 applications within that container. We pass a lot of various types of data, therefore, there's a limited capability of doing that in Microsoft Azure as, on the Azure Active Directory, we may be able to create some additional attributes, however, there are certain limitations.

Technical support could be better.

I haven't explored all aspects of the solution just yet. There's still more to look at.

For how long have I used the solution?

We've been using the solution for as far as our last project, in which it is currently being used. We have been using it for the last four years.

What do I think about the stability of the solution?

This is a stable solution. Since our product went live in 2017, we never got an issue with respect to authentication.

What do I think about the scalability of the solution?

The product is scalable. It is not even region-specific. You can change the region. For example, if you want to target European users, you can simply purchase a plan for a European server or something like that. Currently, I know that our application is running in the United States region, and our targeted users are from the United States, so our application is working in the North American region, the east area.

How are customer service and support?

Technical support is a thing they need to improve a lot from their side.

The engineers from the Microsoft side are professional; however, the thing is they're working in shifts. For example, say you encounter an issue which is affecting our production application, and we talk to a guy from Microsoft in Central Standard Time. While he will be available then, if the issue is ongoing for more than eight hours, which exceeds their standard working hours, he will just put a hold on the call and will say that my next representative will get back to you on this issue, and when the next representative arrives you kind of need to start over.

How would you rate customer service and support?

Neutral

How was the initial setup?

The Active Directory just plays a role in authenticating the user, and it doesn't do anything else, just authentication. The services where the deployment is being done, that is a different thing. It is an application service in itself. We have an Azure Active Directory service. Besides that, we have application deployments or application services on Azure as well. That is a separate service, which is used for the deployment of the application, so when a user is accessing the application, he is redirected to the Microsoft Azure authentication application where the authentication is being performed. So far, the authentication has been performed, and that user is being redirected to our actual application, which has been deployed on the Azure service. Therefore, there isn't really a direct deployment per se for this product.

What's my experience with pricing, setup cost, and licensing?

I'm not familiar with the pricing aspect of the solution. The client deals with that end of things. My general understanding is that it is quite expensive.

What other advice do I have?

I'd rate the solution an eight out of ten. They do have an outstanding service compared to the competition. 

Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
Cyber Security architect at Avanade
Real User
Great multi-factor authentication and passwordless authentication and sign-in with support for SAML and OAuth
Pros and Cons
  • "The solution offers business to business and client to business support."
  • "Azure AD does not support legacy authentication protocols, such as NTLM or Kerberos."

What is our primary use case?

The main reason for implementing this solution was to help our customers to access internal or external resources seamlessly while allowing them to have full control over access and permissions. 

This enterprise identity service provided our customers with many security features such as single sign-on, multifactor authentication, and conditional access to guard against multiple cybersecurity attacks. 

Most of the clients have either Office 365 with hybrid solutions, a multi-cloud environment and they want to leverage Azure AD to manage access to those clouds or they have hybrid deployments with legacy apps on-premises and on the cloud as well. 

How has it helped my organization?

We have applied this solution to multiple organizations and it has helped them manage their environments efficiently. Moreover, it provided a high level of security and security features that are appreciated by most of our clients.

In hybrid scenarios, this is one of the best products you could have. It helped many of our customers to manage resources on-premises and in the cloud from a single dashboard. 

It helped our client to control permissions and review permissions for employees who have left the organization, which kept them in control over access and permissions granted to their employees.

What is most valuable?

The solution has many valuable aspects, including:

  • Password policy enforcement
  • Conditional access policies
  • Self-service password reset for cloud users and on-premises
  • Azure Active Directory Identity Protection
  • Privileged Identity Management
  • Multi-factor authentication 
  • Passwordless authentication and sign-in
  • Business to business and client to business support
  • Support for SAML and OAuth

There are many more features that are very useful and can be used as part of the P2 package. There is no need to install any agent or tool to utilize those features except when extending advanced features to the on-premises Active Directory.

What needs improvement?

I believe the product is perfect; however, it could be improved if it could integrate with other clouds with less effort and provide the same functionality it provides to Microsoft products.

Most of the features come with a P1 or P2 license. With the free version, you do not get much.

The objects in Azure AD are not managed in organizational units similar to what you get in the Windows Server Active Directory, which makes it more difficult to delegate administrative tasks.

Azure AD does not support legacy authentication protocols, such as NTLM or Kerberos.

Azure AD is unaware of group policies. If you would like to use the same on-premises group policies, then you need to use the passthrough authentication method with your existing on-premises AD servers. This would compromise the high availability of the cloud and create a single point of failure.

For how long have I used the solution?

I have been using this tool for more than five years.

What do I think about the stability of the solution?

A very stable solution. I never saw the service down, unavailable, or anything like that.

What do I think about the scalability of the solution?

The solution is highly scalable. There are no worries at all about the bandwidth or any other concerns. 

How are customer service and support?

We've had a very positive experience and our clients are adopting it more as their sole identity and access management solution. 

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We did use the SailPoint Identity Platform. There was no cloud solution at that time which is why we switched.

How was the initial setup?

The ease of setup depends on the scenario and the use cases of your organization. 

What about the implementation team?

We are a vendor team and most of the implementation for enterprise clients is done via us or similar vendors. 

What was our ROI?

The solution has a high ROI when adopted properly in your organization.

What's my experience with pricing, setup cost, and licensing?

Make sure to check which features your organization requires. Find out if they are applicable to all users or just a bunch of them before deciding on buying a license.

Which other solutions did I evaluate?

We looked at many products, however, I do not want to mention the products' names. 

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Microsoft Azure
Disclosure: My company has a business relationship with this vendor other than being a customer. We are a consulting company that provides IT services to enterprise clients
PeerSpot user
Hosman Rodriguez - PeerSpot reviewer
Senior Manager Compliance at Appalachian Group
Real User
Provides main authentication on our authorization platform to get access to our resources
Pros and Cons
  • "We're using the whole suite: device management, user credentials, everything that's possible."
  • "I think something that is key would be the group policies replication over the cloud, in order to prevent or to avoid relying on the on-premise Active Directory servers and to manage group policies."

What is our primary use case?

The solution is our main authentication on our authorization platform to get access to our resources.

The solution is deployed on cloud with Microsoft Azure as the provider. We have around 100 people using this solution in my organization. 

What is most valuable?

We're using the whole suite: device management, user credentials, everything that's possible.

What needs improvement?

I would not recommend any changes or improvements right now, in terms of the organization. I think something that is key would be the group policies replication over the cloud, in order to prevent or to avoid relying on the on-premise Active Directory servers and to manage group policies.

For how long have I used the solution?

I have been using this solution for a year.

What do I think about the stability of the solution?

The solution is stable.

What do I think about the scalability of the solution?

It is scalable.

We have plans to increase usage. We have been increasing over the past year. I believe we started with about 30 people, and now we have almost 100.

How are customer service and support?

We have only contacted technical support once or twice in the last year. They were very simple tasks.

How was the initial setup?

Setup was very simple initially. Deployment took no more than six weeks, and we only needed two people.

What about the implementation team?

We used a partner to help us and guide us on the deployment.

What's my experience with pricing, setup cost, and licensing?

The licensing costs are yearly. There is a standard fee per user.

What other advice do I have?

I would rate this solution 9 out of 10.

With a more complex environment, more complex tools are implemented. My thoughts are that they need to have a right and current inventory of applications that are compatible with single sign-on to properly implement that functionality, for example.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Microsoft Azure
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
Mangesh Masaye - PeerSpot reviewer
Manager at UPL
Real User
Top 10
IAM service with seamless installation; has good authentication and single sign-on features
Pros and Cons
  • "Very stable and scalable IAM service with good SSO and authentication features."
  • "Though the installation was seamless, it took longer than expected to be completed."

What is our primary use case?

We use Azure Active Directory to add authentication for users when they sign into the applications. We also use it to provide single sign-on (SSO) to applications.

What is most valuable?

What I like most about Azure Active Directory is its SSO (single sign-on) feature, as we have a community of users with different IDs and passwords, and this feature helps integrate all these. 

For how long have I used the solution?

I've been using Azure Active Directory since 2016.

What do I think about the stability of the solution?

Azure Active Directory is a very stable solution.

What do I think about the scalability of the solution?

Azure Active Directory is scalable.

How are customer service and support?

The technical support for this solution is fine.

How was the initial setup?

Installing this solution was seamless, but it took time for it to complete. It took one month.

What about the implementation team?

We used an integrator to deploy Azure Active Directory.

What's my experience with pricing, setup cost, and licensing?

Azure Active Directory has different licensing plans. We're on a yearly subscription. It is expensive, but if you look at the technical benefits it provides, the price for it is decent. If the cost of the license could be lowered, then it would be better.

What other advice do I have?

Azure Active Directory is a cloud-based solution in which we have done our integration with our applications.

We currently have five or six different teams using this solution. We have three people with admin rights, 3 technicians, and a technical team. Some users have admin rights, e.g. general admin rights, while some have basic rights.

Our plan to increase the usage of Azure Active Directory depends on how many new employees will join the company. It could happen.

I'm recommending Azure Active Directory to other people who want to start using it because it meets requirements.

I'm giving Azure Active Directory a score of 10 out of 10.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Microsoft Azure
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
reviewer1263438 - PeerSpot reviewer
Lead Global Cloud Architect at a transportation company with 10,001+ employees
Real User
Good support for SAML 2.0 and OIDC-based setups for our remote identity providers
Pros and Cons
  • "The solution has come a long way. Now, with the Azure AD B2C offering integrated as well, we've got a full IAM-type solution for our customer-facing identity management. In addition, when it comes to user journeys we now can hook in custom flows for different credential checking and authorizations for specific conditional access."
  • "If somebody is using an IdP or an identity solution other than Active Directory, that's where you have to start jumping through some hoops... I don't think the solution is quite as third-party-centric as Okta or Auth0."

What is our primary use case?

We use Azure Active Directory for quite a few things. We use it for security group management of authorized principals who need access to get SSH-signed certificates for user logins. We use it for automated JWT-based (JSON Web Token) self sign-on for our lowest, least privileged credentials on certain products. We also use AAD for B2B coordination of SSO when we're bringing users onto our platform, where they have Active Directory on their side. We use the OIDC-based SSO flows through AAD to merge project-level AADs back to our corporate AAD for internal single sign-on flows.

What is most valuable?

  • There is tech support to help with any OIDC-based setups between organizations.
  • It has good support for SAML 2.0 and OIDC-based setups for our remote identity providers.

The solution has come a long way. Now, with the Azure AD B2C offering integrated as well, we've got a full IAM-type solution for our customer-facing identity management. In addition, when it comes to user journeys we now can hook in custom flows for different credential checking and authorizations for specific conditional access. 

What needs improvement?

I don't think the documentation is where it needs to be yet, for user journeys and that type of flow. There is still trial and error that I would like to see cleaned up.

Also, they do have support for SAML 2.0 and it's very easy to set up linkages to other Active Directory customers. But if somebody is using an IdP or an identity solution other than Active Directory, that's where you have to start jumping through some hoops. So far, our largest customers are all using Active Directory, but I don't think the solution is quite as third-party-centric as Okta or Auth0. Those solutions have a lot of support for all kinds of IdPs you want to link up to.

Finally, a couple of months ago I was on a team that was looking at low-cost MFA for SSO, where we would control the MFA on our side, instead of having the remote database handle it. In those kinds of flows, there aren't as many off-the-shelf options as I would like. There were cost implications, if I recall, to turn on 2FA. Also, the linkages that they had set up off-the-shelf—obviously they had the Authenticator app—meant that if you wanted to do something with Duo Mobile or any of the other popular 2FA providers, it seems it might have taken us more time than we wanted to put into it.

For how long have I used the solution?

I have been using Azure Active Directory for a couple of years now.

What do I think about the stability of the solution?

The stability is great.

What do I think about the scalability of the solution?

The scalability is also great.

How are customer service and support?

We have an enterprise agreement with Microsoft, so we aren't typical folks. Through that agreement, we get a dedicated technical account manager and that person is able to escalate tickets when necessary. I have found Microsoft to be very responsive when needed, although we haven't really needed them that often.

Which solution did I use previously and why did I switch?

We use Azure a lot, and therefore, AAD was an obvious choice and we thought, "Why not use it?"

How was the initial setup?

They've done a good job on OIDC. That was a pretty simple, seamless setup. We've done that with multiple remote IdPs now, and I don't recall too many issues there.

What was our ROI?

There is much less cost investment going into it now. We didn't have to do a volume buy to get onto the platform. When it comes to ROI, there is low friction and a high, immediate return on investment.

What's my experience with pricing, setup cost, and licensing?

It's relatively inexpensive in comparison with third-party solutions. It's highly available and supported by Microsoft Azure in our enterprise agreements. With the addition of their B2C tenants, it's hard to beat from a cost perspective now.

They changed their pricing for B2B access. You used to need shared licenses so that, if you were paying for a Premium AAD on your side, that would allow you to have five shared external mapped users. They've blown that all up and it's now dirt cheap. It works out to pennies per user per month, instead of dollars. A P1 user license in their system was $6 per user per month, which is cost-prohibitive for a lot of B2B SSO flows, but now it's down in the pennies range.

Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
reviewer1752234 - PeerSpot reviewer
Systems Manager at a consultancy with 51-200 employees
Real User
Great security features with an enhanced GUI and multi-factor identification
Pros and Cons
  • "The security features are great. They will report in advance to you in the case of suspicious activity."
  • "The support could be better. Lately, they sort of dropped off a bit in terms of quality."

What is our primary use case?

I am a systems manager. I use Azure Active Directory every day for my support job.

Our authentication tools to single sign-on portals are hosted in different cloud products, like Amazon or GCP. So, we create an enterprise application and Azure Active Directory to give our users authentication access to various public URLs.

How has it helped my organization?

Before Azure Active Directory, it took effort to provide cloud access to on-premises users. With Azure Active Directory and AD Connect, we are able to sync on-prem users to the cloud with minimal effort. We don't have to manage keeping multiple entities for the same user.

What is most valuable?

The multi-factor authentication (MFA) is one of the best aspects of the product. 

The security features are great. They will report in advance to you in the case of suspicious activity. 

The GUI is pretty enhanced. You can configure applications or do whatever they need to do. 

What needs improvement?

Azure Active Directory currently supports Linux machines. However, the problem is that you get either full or minimal access. It would be very nice if we could have some granular authorization modules in Azure Active Directory, then we could join it to the Linux machine and get elevated access as required. Right now, it is either full or nothing. I would like that to be improved. 

We have the ability to join Windows VMs to Azure. It would be nice if we could have some user logs, statistics, and monitoring with Azure Active Directory.

When we subscribe to MFA, the users get MFA tokens. However, it is not a straightforward process to embed any of the OTP providers. It would be good if Microsoft started embedding other third-party OTP solutions. That would be a huge enhancement.

For how long have I used the solution?

I have been using Active Directory for two years.

This product is used every second of every day.

What do I think about the stability of the solution?

The solution offers nice stability and performance. 

What do I think about the scalability of the solution?

In my organization, there might be as many as 60,000 people who utilize the solution. 

The scalability is awesome. You don't even need to think about scalability because Microsoft manages it.

We use it on a daily basis.

How are customer service and support?

The support could be better. Lately, they sort of dropped off a bit in terms of quality. Recently, Microsoft support has not been doing such a good job. Previously, they used to do a good job.

In the past, AD Connect was not syncing. It threw errors in the beginning. So, I had to call up technical support to solve the problem. At the time, we were satisfied with their assistance.

Which solution did I use previously and why did I switch?

I am also using AWS.

Azure Active Directory is not an Active Directory product. It is just the application proxy. You need to have an on-prem solution. Azure Active Directory would just be a proxy that uses the on-prem data and hosts the application. It is not a full-scale Active Directory solution. However, it has a lot of enhancements. The traditional on-prem Active Directory hosts the users and computers as well as some additional group objects. 

On the other hand, AWS Active Directory has all the capabilities of the traditional Active Directory with limited access for the administrator. All domain administration and sensitive credentials will be managed by AWS. So, you don't need to worry about application delays or syncing issues.  

How was the initial setup?

The initial setup is simple.

It is pretty easy to set up the product. You subscribe in Azure Active Directory. By default, it will have an extension where you need to register. If you need a custom domain name, then you need to register with your public DNS providers to create the DNS public entry. You will then have to prove that you own the domain name. Once it has been proven, then your Active Directory pretty much works. 

If you need to sync up your on-prem users with the Azure Active Directory, then you need to have an AD Connect server installed at the VM-level domain. It should be credentialed so AD Connect can use credentials to read your on-premises and sync it to the cloud. Once this has been done, you are good to go. As an enhancement, for whatever user you are syncing, you can mandate them by adding them to a group or rolling out an MFA policy.

What about the implementation team?

Since it is pretty straightforward, you just need one person to deploy it.

I implemented it in an hour.

Some maintenance is required. However, it is not on Azure Active Directory's part. Rather, it is for AD Connect. Often, we see that the connection is getting lost or something is not happening. Sometimes, port 443 might not be open from your on-prem Azure Active Directory. In that case, if you haven't implemented it in the beginning, then you need to do this. For a high availability solution, if you find that the machine is having additional issues, then you might need a higher AD Connect device. I would probably also deploy it with a different availability.

What's my experience with pricing, setup cost, and licensing?

The solution has three types of tiers:

  1. E1 has very basic features. 
  2. You get limited stuff in E2 and cannot have Office 360 associated with it. 
  3. E3 is on the costly side and has all the features.

If you need to have an Exchange subscription or email functionality, then you need to pay more for that.

What other advice do I have?

We are using both the on-premises version and the SaaS version.

I would advise potential new users to learn a bit about the product before jumping in. If you are new, you need to do background research about Azure Active Directory. You also need to understand its purpose and how you want to leverage it. When you have a draft architecture in place, then you can go ahead and implement this solution. If it needs to be reimplemented, it is just a matter of five minutes.

I would rate the solution as nine out of 10.

Which deployment model are you using for this solution?

Hybrid Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Microsoft Azure
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
Head, IT Infrastructure at a comms service provider with 201-500 employees
Real User
Integrates well with other applications and makes monitoring easy
Pros and Cons
  • "Application integration is easy. MFA and password self-service have reduced most of the supportive work of IT. We use multi-factor authentication. Every access from a user is through multi-factor authentication. There is no legacy authentication. We have blocked legacy authentication methods. For people who use the MDM on mobile, we push our application through Intune. In a hybrid environment, users can work from anywhere. With Intune, we can push policies and secure the data."

    What is our primary use case?

    We have integrated our internal applications and cloud applications with Azure AD. We also have a few external applications for which we need to implement a self-service portal and handle requests such as password reset.

    We have external applications such as Cloudspace, and we have integrated Azure AD with Cloudspace. We mainly use a single sign-on. Our main target is to go through all single sign-on applications and integrate them with Azure AD. We also need to audit everything in Office 365. Our mail system is Office 365, and we also do some auditing.

    We are also implementing Intune. We have deployed some basic policies for mobile devices, and we are working on improving those policies. We need to configure conditional access and improve policies for the applications and devices. We are doing some testing, and it is in progress.

    In terms of deployment, we have a hybrid deployment of Azure AD. We have the 2019 version of AD on-prem.

    How has it helped my organization?

    We are able to do complete onboarding through AD. The users have access through the AD login, which is synced with Azure AD. We have a hybrid environment, and every cloud application is accessed through AD. We have defined AD policies related to password expiration, limitations, etc. It has provided smoother accessibility.

    Previously, when we had on-premise AD, to reset their own passwords, users had to use a VPN or bring their laptop to the office. With self-service, users can easily change their passwords. This reduces the workload for IT support. If their password gets locked, they can unlock it themselves by using Azure AD. Previously, it was also difficult to integrate with external applications, but with Azure AD, integration with external applications is easier.

    Azure AD makes it easier to see and monitor everything in terms of access. We can see sign-in logs or audit logs, and we can also integrate devices by using Intune. So, we can manage BYOD devices inside the organization.

    What is most valuable?

    We are using Conditional Access, MFA, and AIP. We have integrated it with Intune, and we already have DLPs.

    Application integration is easy. MFA and password self-service have reduced most of the supportive work of IT. We use multi-factor authentication. Every access from a user is through multi-factor authentication. There is no legacy authentication. We have blocked legacy authentication methods. For people who use the MDM on mobile, we push our application through Intune. In a hybrid environment, users can work from anywhere. With Intune, we can push policies and secure the data. 

    The audit logs are very good for seeing everything.

    For how long have I used the solution?

    We started using it at the end of last year.

    What do I think about the stability of the solution?

    It is stable. I haven't faced any issues. There could be some issues related to syncing because of on-prem, but overall, it is quite stable.

    What do I think about the scalability of the solution?

    I don't have much experience with scalability. I only use tier one or Premium P1, and I want to move to Premium P2 that has more security levels and more advantages.

    In my previous companies, there were a thousand users. In my current company, we have less than 500 users. It is working fine, and there are no issues.

    We plan to expand our usage. If it is possible, we plan to upgrade our subscription to Premium P2. We have introduced it to one or two companies who were looking for such a solution. We have already introduced the Azure AD hybrid platform for companies that had only an on-prem setup.

    How are customer service and support?

    Sometimes, there are issues, but they are usually because of user mistakes. We are able to fix such issues. We are able to find the issue and do troubleshooting. We are able to find information about what is wrong and how to fix it. 

    Their support is okay. They are able to resolve the issue, but sometimes, there is a delay because the ticket goes to the wrong person or the wrong time zone. I would rate them an eight or a nine out of 10.

    Which solution did I use previously and why did I switch?

    We have only been using Microsoft solutions.

    How was the initial setup?

    It is easy to deploy and not complex, but it also depends on your requirements. We have tenants and subscriptions, and we connect AD to Azure AD through Azure AD Connect, and they are periodically synced.

    The connectivity took a day or two. It doesn't take long. Sometimes, there could be issues with on-prem because of not having a standardized setup or because of parameter duplication, but after we resolve the issues, it doesn't take long. For its setup, only one person is generally required.

    What about the implementation team?

    It was implemented by me, and I also had one guy's support. 

    Our infrastructure team takes care of the maintenance part. They are taking care of monitoring. If there is an alert or something happens, they take care of it. It doesn't require much maintenance. One person can manage it.

    What was our ROI?

    We have been able to achieve our target and requirements for security. After the move to Azure AD, the security level is high. The users have to change passwords and do MFA a few times if something goes wrong, and if they can't, the device is going to block them. Sometimes, users are not happy, but at the organizational level, it is good. It is costly, but the improvement is good in terms of performance and security.

    What's my experience with pricing, setup cost, and licensing?

    It is a packaged license. We have a Premium P1 subscription of Office 365, and it came with that.

    Which other solutions did I evaluate?

    Two or three years ago, we were looking at some open-source solutions.

    What other advice do I have?

    I would rate Azure Active Directory a nine out of 10.

    Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
    PeerSpot user
    Buyer's Guide
    Download our free Microsoft Entra ID Report and get advice and tips from experienced pros sharing their opinions.
    Updated: June 2025