The solution is primarily used for handling user permission and containing with the Online Exchange. It's for handling user passwords, user permissions, all of the privileges, and for using Azure Active Directory for the Online Exchange.
Senior System & Security Administrator at a retailer with 51-200 employees
Good performance and easy to install with good connectivity to our on-premise Active Directory
Pros and Cons
- "The scalability of the product is decent."
- "The synchronization with the local Active Directory and synchronization with all of the users on the local and cloud could be better."
What is our primary use case?
What is most valuable?
We're satisfied with the product in general.
The most valuable aspect of the solution is the connectivity with our on-premise Active Directory.
We've found the performance to be very good.
The stability is good.
The scalability of the product is decent.
The installation process is straightforward.
What needs improvement?
The synchronization with the local Active Directory and synchronization with all of the users on the local and cloud could be better. Every user on the cloud and the on-premise local users should have a connection, have the same privilege, the same features. We should be able to change passwords from the local and have it synchronized with the cloud users.
For how long have I used the solution?
I've used the solution for four years. It's been a while.
Buyer's Guide
Microsoft Entra ID
July 2025

Learn what your peers think about Microsoft Entra ID. Get advice and tips from experienced pros sharing their opinions. Updated: July 2025.
862,514 professionals have used our research since 2012.
What do I think about the stability of the solution?
The stability is good. The solution offers good performance. There are no bugs or glitches. It doesn't crash or freeze. It's reliable.
What do I think about the scalability of the solution?
We've found the scalability of the product to be very good. There aren't any issues with expanding as needed.
In my organization, we have about 25 users. I deployed it for another organization as my company is a service consultant. Therefore, I do this installation for other users and other companies. There are about 60 users in one and another has 100 users. Another company has only 20 users there. The amount of users each organization has varies.
We do plan to grow our team and possibly use the solution more.
How are customer service and support?
I have contacted technical support from Microsoft many times, including when the mailing system is down or when I have a problem with Active Directory or Azure. I contact the help desk for Microsoft, and they reply to me in about one hour and help me to solve any issue. It takes about three or four hours and at that point usually, everything is resolved.
How was the initial setup?
The initial setup was very straightforward and simple. It was not overly complex or difficult. We didn't have any problems with the process.
The deployment for the local setup takes some time. For the cloud, it's very straightforward, and it takes no time at all. It takes about two hours to totally install the hybrid, the connection, and go on with the application.
We have about five people who can handle deployment and maintenance duties. That includes me and five engineers.
What about the implementation team?
I can handle the implementation myself. I do not need the help of an integrator or consultant.
What's my experience with pricing, setup cost, and licensing?
We have many customers that purchase licensing agreements with Azure. Typically they are charged per user.
What other advice do I have?
We're a partner.
I would recommend the solution to others. If they just read a bit about it and connect with Microsoft, they'll likely get some good advice as to how to use it.
I'd rate it at a nine out of ten.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer. Partner

Sr. System Engineer at PT Smartfren Telecom Tbk
Helpful support, useful policy management, and priced well
Pros and Cons
- "Azure Active Directory has useful policy assigning and management."
- "I had some issues with the Azure Active Directory on Windows XP. However, it worked well on Windows 7."
What is our primary use case?
We use Azure Active Directory to make the computers have policies that we inspect. This allows us to deploy software and block the CMD from the user. Additionally, we deploy the desktop systems with password policies.
How has it helped my organization?
Azure Active Directory has helped the organization maintain the user policies of their computer systems.
What is most valuable?
Azure Active Directory has useful policy assigning and management.
What needs improvement?
I had some issues with the Azure Active Directory on Windows XP. However, it worked well on Windows 7.
The password policy that we had in place caused some system lockups.
For how long have I used the solution?
I have used Azure Active Directory within the last 12 months.
What do I think about the stability of the solution?
The solution is stable.
What do I think about the scalability of the solution?
Azure Active Directory is easy to scale. You can add new employees, by adding their device to the domain assisting.
We have approximately 300 people using this solution in my organization.
My organization plans to continue to use Azure Active Directory.
How are customer service and support?
The technical support has been helpful.
How was the initial setup?
The installation was simple. I did the flash OS installation, created the role of the Active Directory, and deployed the GPO. The full process of implementation takes approximately one hour and setting the Active Directory domain takes approximately 30 minutes.
What about the implementation team?
I did the implementation of Azure Active Directory.
What was our ROI?
The company I work for has more than 10 branches, we no longer have to go to the branch outside the city to have the application installed on the user's devices. When you have Active Directory, you only need to connect it to the device and then the information will automatically populate. The process was more automated.
What's my experience with pricing, setup cost, and licensing?
The price of the solution's license is good.
What other advice do I have?
I rate Azure Active Directory an eight of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer. Partner
Buyer's Guide
Microsoft Entra ID
July 2025

Learn what your peers think about Microsoft Entra ID. Get advice and tips from experienced pros sharing their opinions. Updated: July 2025.
862,514 professionals have used our research since 2012.
Executive Director at a financial services firm with 1,001-5,000 employees
Gives users seamless integration with many products, streamlining user experience, helping them get things done
Pros and Cons
- "The single sign-on across multiple platforms is really the true advantage here. That gives you one ID and password for access to all your systems. You don't need to manage a plethora of different user IDs and passwords to all the systems that you're going to access."
- "The downside is that we now have all our eggs in one basket with Microsoft. We have this great authentication and single sign-on, but if Microsoft has an outage in North America or globally, on Outlook or Teams, we're dead in the water... We get some type of hiccup once a quarter."
What is our primary use case?
Active Directory is used for authentication and provisioning for users and devices and granting them access.
We're in a hybrid mode where we still have on-prem controllers as well.
How has it helped my organization?
The beauty is that it affords us more of an anytime, anywhere operation because we're not tied to an on-prem solution. From a customer experience standpoint, users don't really care about what goes on behind the scenes technically. They just want their lives to be easier. Now that they can access Office 365 globally, anywhere from any device, that's huge. That helps productivity and gives them the ability to get work done. And having to manage fewer passwords and user IDs is another true advantage.
The solution gives users seamless integration to all these products and streamlines the user experience. That's definitely been a pro.
In this completely upside-down world that we're in these days, with most people elsewhere and very few people in the office, it gives us tremendous flexibility for keeping people productive and providing them with access to the data and tools that they need to perform their jobs. It has given us the opportunity to move to this more mobile environment.
Also, the SSO aspect improves our security posture because people aren't writing down or creating a list of all their passwords. Now they only have to remember one. It has definitely made it easier for them to manage. In addition, we've introduced MFA so that whenever you sign in, you're also challenged for approval on your mobile device. That adds to the security.
What is most valuable?
The single sign-on across multiple platforms is really the true advantage here. That gives you one ID and password for access to all your systems. You don't need to manage a plethora of different user IDs and passwords to all the systems that you're going to access.
What needs improvement?
The downside is that we now have all our eggs in one basket with Microsoft. We have this great authentication and single sign-on, but if Microsoft has an outage in North America or globally, on Outlook or Teams, we're dead in the water. There is no drop-back-and-punt. There is no "Plan B." The bottom line is that if their services go down, our productivity goes with it. Working with them when we have outages can be very frustrating. We get some type of hiccup once a quarter.
We get service notifications from them all the time that the services are under investigation or that there is some type of issue. More than the headache of not completely understanding the severity, we have to make sure that we communicate with our end-users. We get to the point where we're potentially "crying wolf." We're telling them there's a problem but some people don't have the problem. Then they get to the point where they just ignore our communication.
Outages can last hours, but never more than a day. They can be regional outages where one area is affected and other areas aren't. The advantage is that it could be evening or night in the area that is down, so it's less impactful.
For how long have I used the solution?
I've been using Azure Active Directory at my current company for just about four years.
What do I think about the stability of the solution?
My impression of the stability is mixed. If it were really working correctly, it should be able to digest these outages by rerouting us to other areas. But that doesn't happen.
What do I think about the scalability of the solution?
We have a global footprint, so it scales globally, no doubt.
How are customer service and support?
Tech support from Microsoft has been cumbersome for Office 365. We don't really get the answers we want in a timely manner. There are times that we get the runaround, and that's the downside to being an early adopter and being on the leading edge. Sometimes we have to sometimes QA and work out issues with their products, which I'd rather not have to do.
A larger shop, like a Goldman Sachs or a JP Morgan, is not going to adopt this stuff until it's mature. And that means that smaller companies, like ours, have worked out the kinks.
How would you rate customer service and support?
Neutral
Which solution did I use previously and why did I switch?
Before AAD we used the on-prem version with on-prem controllers. We went with AAD because there was no other option. We had their on-prem solution, and in the evolution directed by our CTO, everything is moving to the cloud. The next logical next step was to move to AAD.
How was the initial setup?
I didn't set it up, the guys who work for me did it. I think it was fairly complex because we're about to go through an acquisition and we are going to merge them into our tenant. We have to outsource some of that work to a third party to assist us with that because we don't have the in-house skills.
What's my experience with pricing, setup cost, and licensing?
Costs are constantly being managed. We don't really have a choice. It's the one shop in town. If you want this, you have to pay for it. We have an E5 license, which I believe is the most expensive license.
What other advice do I have?
From an AAD standpoint, I don't think we've had any issues. The data replicates correctly and no one really has a problem with their credentials from AAD. It's meeting our expectations.
Disclosure: My company has a business relationship with this vendor other than being a customer. Partner
Network and Computer Systems Administrator at Bahwan
It's compatible with a lot of vendors, and we have multiple products integrated with it
Pros and Cons
- "The best thing about Active Directory is its compatibility. It works with lots of third-party vendors. We're using multiple products, and they're all integrated with our Active Directory."
- "Active Directory could always be more secure. Right now, we've got two-factor authentications. All services based on Active Directory have a username and password. If somebody hacked our username, they could easily get all the data from our side. So I want two-factor authentication and a stronger password policy from Active Directory. The domain controllers should be more secure as well."
What is our primary use case?
We use Active Directory to manage our main database and control students and staff access with rules and passwords. Usernames, emails, etc., are all integrated with Active Directory. Office 365 is also integrated with our Active Directory.
What is most valuable?
The best thing about Active Directory is its compatibility. It works with lots of third-party vendors. We're using multiple products, and they're all integrated with our Active Directory.
What needs improvement?
Active Directory could always be more secure. Right now, we've got two-factor authentications. All services based on Active Directory have a username and password. If somebody hacked our username, they could easily get all the data from our side. So I want two-factor authentication and a stronger password policy from Active Directory. The domain controllers should be more secure as well.
For how long have I used the solution?
We've been using Microsoft Active Directory for more than 10 years.
What do I think about the stability of the solution?
Active Directory is a stable, scalable product.
How are customer service and support?
Microsoft technical support is very good. They call us back and resolve the problem.
How was the initial setup?
The setup is effortless because we've been using this solution for a while. We are familiar with the setup now, so it's easier.
What's my experience with pricing, setup cost, and licensing?
We get a discount because we're working in the education sector.
What other advice do I have?
I rate Active Directory eight out of 10. I think this is a good product. Most enterprises are using this. We don't currently have any plans to switch, but we're planning to migrate more into the cloud. However, cloud service is still costly, so we are working on the premiums. I would recommend Active Directory for any large-scale company, organization, or university.
Which deployment model are you using for this solution?
Private Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Microsoft Azure
Disclosure: My company has a business relationship with this vendor other than being a customer. partner
Cloud Architect at a hospitality company with 1-10 employees
Allows for privileged access, is easy to set up, and offers good stability
Pros and Cons
- "Azure AD has features that have helped improve our security posture."
- "My understanding is, in the future, they will be able to bring everything into one single platform and they are not there yet."
What is our primary use case?
The solution allows us to assign and give the access and controls. It allows us to monitor privileges with the users so that we can then be in control of the access given to digital resources.
How has it helped my organization?
The best example of how it has helped our organization is when we migrated toward Azure. We were able to take all the users which were there on-prem and migrated them over. If those facilities were not there in Azure Active Directory, then we would likely have to create individual users and one by one give them specific access. We'd have to look at their needs and set authentication. It would be hard to control users that needed higher admin-level access. Without the Active Directory, we would not have the control we needed.
What is most valuable?
Azure AD has features that have helped improve our security posture. That's one of the basic fundamentals of having an Active Directory. The whole concept of Azure Active Directory came from the Active Directory on-prem version. There’s this tunnel of authentication that it has.
When you migrate, you can migrate your Active Directory on-prem onto the Azure Active Directory which has tightly integrated features due to the fact that they both are from Microsoft. Based on that, you can give access based on what privileges are needed. Basically, if you're talking about security, everything is related to role-based access. The security aspect is linked to providing the proper access.
What needs improvement?
My understanding is, in the future, they will be able to bring everything into one single platform and they are not there yet. We are loving third-party authentication, however, those authentications will be further scrutinized by AD itself.
For example, if you want to book a flight, you go to any website to book. Booking the flight can be divided into two parts. One is creating a log-in with a particular website and then booking. However, if there are five to ten websites and you want to compare prices on all of them. You aren’t going to set up a log-in for each and every site. That's not feasible.
Instead, you can use your own login credentials, for example, from your Hotmail or Google account. Then, you have a token authenticated by Google, et cetera, which gives you the privilege to do the booking for a particular session. This is similar to what Azure AD should do in the future for authentication and allowing access.
For how long have I used the solution?
I've been using the solution for at least four to five years.
What do I think about the stability of the solution?
The stability is good. It's always there. If it is down then that's it. Anyone can log in. Anyone can do anything, whatever they want to do. That's why it's considered the backbone of the security pillar. There has never been any downtime, however.
What do I think about the scalability of the solution?
Azure AD is scalable. You don't need to take care of it as it's a part of the service which is taken care of by Azure itself based on how our company grows. Basically, it's a hidden feature, and scaling it for the end-user is always happening. It's always scaling.
We have about 3,000 users on Azure AD currently.
How are customer service and support?
I've been working as an architect and therefore have never directly dealt with technical support.
Which solution did I use previously and why did I switch?
I work on different platforms. For example, I work on AWS and GCP (Google Cloud Platform), et cetera. Azure AD is very good and very powerful and offers a basic foundation having the highest status or dominance in terms of providing access management. It's tightly getting integrated with the on-premise solutions. That’s true irrespective of what cloud you're using - whether GCP, AWS, Oracle, or IBM - whatever the cloud provider, you're using the services you will be using a laptop or dashboard.
We are now working remotely. However, having remote access doesn't mean that you are not entering the company premises virtually. Basically, everything is going through your company's network. You're just going through to a cloud. You can move across platforms to validate. You can still use the AWS site to authenticate and verify the users. No matter the cloud, you’re still using Azure AD to get access.
How was the initial setup?
I wouldn't say the initial setup is complex. If you have a good understanding of the product, you can break down your tasks. Then, slowly, step by step you can complete all the tasks.
Our operations team did the migration from on-prem AD to Azure AD. Therefore, I cannot speak to the exact length of time it took. My work was to design the architect and provide them with the solution.
What was our ROI?
I have clients who have seen an ROI.
What other advice do I have?
I'm not a Microsoft partner. I work as a consultant.
I'm predominantly using the SaaS deployment version.
My advice to potential users is on the security side. There was a famous article on Gartner which clearly stated that by the end of about 2023 or 2024 if someone tries to access your network or if anything becomes accessible or has been exposed, it is not the cloud provider that is the problem. It is due to a misconfiguration of the services.
It's not really with the user. It's really with how and what kind of access you provide to that user. For example, if I give someone an admin status, and they provide access to someone, they are providing not only basic access, they’re giving access privilege or admin rights. If they’re giving admin rights to the wrong person, even though they may have the best intentions, due to a lack of knowledge, that person may do something stupid and it may be a disaster to the company. That has nothing to do with the AD users themselves. You need to be aware of the security and the access that you're granting your users at all times.
I'd rate the solution at a nine out of ten.
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Senior Support Engineer at a tech services company with 1,001-5,000 employees
Enables synchronization of user information with third-party applications like Atlassian or GoToMeeting
Pros and Cons
- "If a company has hundreds of users that already exist in the cloud, and it now wants to enable those same users to be present in third-party applications that their business uses, like Atlassian or GoToMeeting, the provisioning technology can assist in achieving that."
- "The Cloud Provisioning Agent cannot provision a lot of the information that AD Connect does. For starters, the lightweight version cannot synchronize device information. If you have computers on-premises, the information about them will not be synchronized by the Cloud Provisioning Agent. In addition, if you have a user on the cloud and he changes his password, that information should be written back to the on-premises instance. But that workflow cannot be done with the lightweight agent. It can only be done with the more robust version."
What is our primary use case?
When a customer is trying to synchronize user information from their on-premises environment to the cloud, they might be encountering a series of errors or they may not be able to achieve what they are trying to achieve. They will raise a ticket so that somebody can help resolve the problem or clarify the situation and explain what the workflow should be like. That's where I often come in.
My support scope is focused on the synchronization aspect of Azure Active Directory. My specialty covers scenarios where customers have information in their on-premises environment and they want to synchronize their Active Directory information into the cloud with Azure Active Directory.
In addition to getting on calls and assisting customers to resolve issues, we also try to help educate customers on how to achieve the best results with Microsoft products.
How has it helped my organization?
In terms of the security posture of my customers, in the area of my specialization—the synchronization of information from on-premises to the cloud—there's an aspect we call TLS. There was a version of TLS that was not really secure, but Microsoft has now pushed and made sure that everything running in its platform uses a higher version, TLS 1.2. That means that when you are doing directory synchronization, your machine and your product need to be TLS 1.2 enabled. Microsoft is always working on enforcing the use of the most secure means to carry out whatever workloads customers are running. While my day-to-day job does not involve an emphasis on security, the areas that do involve security elements are emphasized to make things work effectively.
It also helps when you're troubleshooting. If you have an issue, it's easier for a user to look at it and say, "Okay, this is the problem," and to work on it.
What is most valuable?
An aspect of Azure's synchronization technology is called the provisioning service. It's the technology that takes user information from Azure AD into third-party applications. If a company has hundreds of users that already exist in the cloud, and it now wants to enable those same users to be present in third-party applications that their business uses, like Atlassian or GoToMeeting, the provisioning technology can assist in achieving that.
Over the years, the performance of this particular technology has greatly improved. I have seen its evolution and growth. Customers see much more robust performance from that technology and it gives them an easy way to set up their environments. The product has been designed quite well and customer feedback has also been taken into consideration. You can even see the progress of the process: how the user is being created and sent over to the third-party application.
What needs improvement?
Recently, Microsoft has developed lightweight synchronization software, the Cloud Provisioning Agent, to do the job of the preceding, heavier version called AD Connect. You can do a lot more with AD Connect, but it can take a lot of expertise to manage and maintain it. As a result, customers were raising a lot of tickets. So Microsoft developed the lightweight version. However, there are still a lot of features that the Cloud Provisioning Agent lacks. I would like to see it upgraded.
The Cloud Provisioning Agent cannot provision a lot of the information that AD Connect does. For starters, the lightweight version cannot synchronize device information. If you have computers on-premises, the information about them will not be synchronized by the Cloud Provisioning Agent. In addition, if you have a user on the cloud and he changes his password, that information should be written back to the on-premises instance. But that workflow cannot be done with the lightweight agent. It can only be done with the more robust version.
I believe the Cloud Provisioning Agent will be upgraded eventually, it's just a matter of time.
For how long have I used the solution?
I've been using the Azure Active Directory platform for a little over three years. I started supporting the product in October of 2018.
Our company is a Microsoft partner. When Microsoft customers raise tickets, most of these tickets get routed to partners like us. I follow up on and assist customers when they have issues that relate to my area of expertise.
What do I think about the stability of the solution?
Azure AD is solid because of the way the product is designed and because the people who support it are very good.
What do I think about the scalability of the solution?
Microsoft is a very big organization. Whenever they put products on the market, they take things like scalability into consideration. They make sure the life cycle of the product matches the demands and the usage of customers. This product should have a long life in the market.
How are customer service and support?
Microsoft technical support is great. Fantastic. Microsoft is looking to push the capabilities of its products, to enable customers to achieve more.
What other advice do I have?
In general, there has been improvement in the way the technology can be used by end-users. Their feedback has been taken into consideration and that has helped a great deal.
Azure AD has features that have been developed purely for the security of users. It has things like Conditional Access policies and MFA. But the nature of the support that I provide in Azure AD doesn't focus on security. While Azure AD gives a company a holistic way to manage user profiles, I don't usually work on security aspects. But I do know that, to a large extent, the solution is built using the latest security.
The provisioning service I support has authentication methods. There has been a push by Microsoft to move customers away from certain authentication mechanisms that are not very strong in terms of security, and to make sure that secure standards are being enforced. I have looked at integrations set up by customers where they have only done the basic minimum in terms of security. Microsoft had to push those customers towards a much more secure setup. So customers are getting better security.
Overall, the effect of the product on my customers' experience has been good. I generally come into the picture when customers are having an issue. Most customers I've interacted with don't understand some information or why the product is designed the way it is. When I explain that it has to be this way so that they can do what they need to do, the customer feedback comes in at about an eight out of 10.
Disclosure: My company has a business relationship with this vendor other than being a customer. Partner
IT Manager at EPC Power Corp.
Scalable and accessible cloud-based solution.
Pros and Cons
- "It is cloud based so it is always updated,"
- "Some systems do not integrate very well with Azure AD. We thought of going for Okta, but later on we were able to achieve it, but not the way we wanted. It was not as easy as we thought it would be. The integration was not very seamless."
What is our primary use case?
What is most valuable?
In terms of the features that I have found most valuable, it is cloud based so it is always updated, that part you don't have to take care of. It is public cloud. It is actually AD as a service, so it's a kind of an infrastructure. It is more infrastructure as a service.
What needs improvement?
We had some issues with the migration of users from the local user accounts to Azure AD. It was more like a local issue and had nothing to do with the Azure AD itself. It works fine for SSO, the Single Sign On. We were not able to do the integration very easily with ADP, so that was a challenge, but later on it was resolved. We had to do a lot of things to have that on the configuration. Some systems do not integrate very well with Azure AD. We thought of going for Okta, but later on we were able to achieve it, but not the way we wanted. It was not as easy as we thought it would be, the integration was not very seamless.
Additionally, it would be great if they added support for more applications in terms of integration for SSO. That's the only thing that I find missing for Azure AD.
For how long have I used the solution?
We have been using Azure Active Directory for the last six months. We didn't do any migration from on-premise Active Directory to Azure AD on the cloud. What we did when we were setting up the computers was to join users to Azure AD and apply some conditional policies and everything works fine. We don't have any issues. The only thing we face are some problems with some computers because they were using it locally and we had a lot of data. So when we did the migration to Azure AD, we also had to move all the user settings data, the complete user profile, to the Azure AD account, as well. That was a challenge, but I was able to use ProfWiz to move data between user profile.
What do I think about the stability of the solution?
There are not any bugs or glitches that I can recall. So far everything is working well.
What do I think about the scalability of the solution?
Scalability is one of the reasons we selected Azure Active Directory. It scales very well.
For now there are almost a hundred users using it, but we are adding more.
How are customer service and technical support?
We contacted support only one time and it was not related to SSO. We had some questions about their subscription and it was good.
Which solution did I use previously and why did I switch?
When I was working with another company, we were using on-premise Azure Active Directory. We didn't want to invest in the infrastructure to maintain it, to get the license, so it was not very cost effective for us. We had a meeting with the management and saw that Azure AD would be very cost effective, scalable, and more secure, especially in terms of SSO and MFA, which were some of our requirements. We didn't want Active Directory on premise. It was not easy to do the migration.
How was the initial setup?
The initial setup is not very difficult, especially if you start using it straight away. But if you do the migration, I think that might be a challenge. Fortunately, we started directly from Azure AD, we didn't have to do any migration from Azure AD On-premise to the cloud. It was pretty straightforward and easy. We didn't face any difficulties.
What other advice do I have?
It depends on their requirements and what they are trying to achieve. One shoe does not fit all feet, so that's why it might be different from company to company. For us, it met all our requirements. It was very scalable, which is huge, and just always available. You don't have to be very worried about maintaining your own hardware, your own infrastructure, updating the servers from time to time or caring about securing your on-premise infrastructure. Azure AD is a good solution. I am satisfied with it so far and everything works great.
On a scale of one to ten, I would give Azure Active Directory a nine.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Microsoft Azure
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Identity Engineer at a pharma/biotech company with 10,001+ employees
Robust identity platform, reasonably priced, and has responsive support
Pros and Cons
- "The most valuable features of this solution are security, the conditional access feature, and multifactor authentication."
- "The management interface has some areas that need improvement."
What is our primary use case?
I use this solution as an identity platform for Microsoft Applications including Office 365. We have found that users have third-party applications for authentication using an integrated identity infrastructure.
What is most valuable?
The most valuable features of this solution are security, the conditional access feature, and multifactor authentication.
The conditional access policies allow us to restrict logins based on security parameters. It helps us to reduce attacks for a more secure environment.
Multifactor authentication is for a more secure way of authenticating our use.
All our on-premises identities are synchronized to Azure Active Directory. We have an advanced license that enables conditional access based on logins, and suspicious behaviors.
Active Directory is able to determine if a particular user signing in from a trusted IP or if there are two different sign-ins from two different locations. It will flag this latter incident as a potential compromise of a user's account.
In terms of security, it provides us with the features to alert us if there are any fraudulent attempts from a user identity perspective.
It provides access to our Azure infrastructure and allows us to assign roles and specific aspects to different subscriptions. It has several built-in roles that you can assign to individual users based on their job scope. It allows for granular provisioning.
With onboarding applications, you are able to register applications in Azure Active Directory, which allows you to use it as a portal for access as well.
Azure Active Directory enhances the user experience because they do not have various IDs for different applications. They are using one single on-premises ID to synchronize and they are able to access various different applications that are presented to them.
If you have a new application, you will export the application within Azure AD and we add access to those who need that application and you are able to use the corporate ID and password to access it.
Azure Active Directory is a good platform for us. We rely heavily on providing our users a good system and interface that we seldom have issues with.
What needs improvement?
The management interface has some areas that need improvement. It doesn't give you an overview similar to a dashboard view for Azure Active Directory. The view can be complicated. There are many different tabs and you have to drill down into each individual area to find additional information.
There are too many features available, more than we can use.
For how long have I used the solution?
I have been using Azure Active Directory for three years.
What do I think about the stability of the solution?
It's quite stable. There are no issues with the stability.
The identity platform is quite robust.
What do I think about the scalability of the solution?
It is very scalable. We have deployed it globally for approximately 10,000 users and experienced not many issues. In fact, we have not encountered any issues so far.
How are customer service and technical support?
Generally, we don't have issues that require technical support. We have multiple domains within the Azure AD and we had an issue where SharePoint users were not able to access the domain.
We had a prompt response and were able to identify what the issue was. We were given specific tasks which led to resolving the issue.
I would rate the technical support a nine out of ten.
Which solution did I use previously and why did I switch?
Previously, we did not use another solution. Primarily it was an on-premises Active Directory that we synchronized to the cloud.
How was the initial setup?
The initial setup was completed by a separate team.
We have five global administrators who are primarily responsible for providing access and assigning roles for all the various different groups and teams that have different subscriptions, and they will manage their subscriptions based on the roles that they are assigned.
In terms of deployment, Active Directory ensures that there is express route connectivity from an on-premises data center to Azure and ensures that there are sufficient redundancies in Azure Active Directory Connect Servers and Domain Controllers.
What was our ROI?
We have seen a return on our investment. I would say that it is one of the key components of our identity solution
What's my experience with pricing, setup cost, and licensing?
The pricing is very flexible. There are a few tiers of licensing, and it is a part of an enterprise contract.
It is bundled with other services and the pricing is quite reasonable.
Which other solutions did I evaluate?
We did not evaluate other solutions.
What other advice do I have?
I would strongly recommend implementing Azure Active Directory.
For new organizations, it would be best to start implementing directly on the cloud, and for our existing organizations who have on-premises solutions, it would be seamless to synchronize the on-premises user with the cloud and use that.
I would rate Azure Active Directory a nine out of ten.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Microsoft Azure
Disclosure: My company does not have a business relationship with this vendor other than being a customer.

Buyer's Guide
Download our free Microsoft Entra ID Report and get advice and tips from experienced pros
sharing their opinions.
Updated: July 2025
Product Categories
Single Sign-On (SSO) Authentication Systems Identity Management (IM) Identity and Access Management as a Service (IDaaS) (IAMaaS) Access Management Microsoft Security SuitePopular Comparisons
Microsoft Intune
Microsoft Defender for Endpoint
Microsoft Defender for Office 365
Microsoft Sentinel
Microsoft Defender XDR
Microsoft Purview Data Governance
Azure Key Vault
SailPoint Identity Security Cloud
Workspace ONE UEM
Azure Front Door
Omada Identity
Cloudflare One
Microsoft Defender for Cloud Apps
Microsoft Purview Data Loss Prevention
Okta Workforce Identity
Buyer's Guide
Download our free Microsoft Entra ID Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- What do you think of the integration of Azure AD Services, Defender for Endpoint, and Intune as comprehensive security solutions?
- What are the biggest differences between Google Cloud Identity and Microsoft Azure Active Directory?
- How does Duo Security compare with Microsoft Authenticator?
- How does Microsoft Authenticator compare with Forinet FortiToken?
- When evaluating Single Sign-On, what aspect do you think is the most important to look for?
- CA SiteMinder vs IBM Tivoli Access Manager
- How much time does SSO save?
- Why is SSO needed?
- What single sign-on platform do you recommend?
- Why is Single Sign-On (SSO) important for companies?