Microsoft Entra ID Reviews

The primary use case is collaboration. So it's all about federation of identity and permissions.

Identity is one of those things that you need to be separate from your actual tenant. There's a benefit for it being separated from your actual tenant for reasons of security and containerization. 

It's very easy to run and it's part of their ecosystem and I don't think it's going anywhere anytime soon.

Back in '96, '97, '98, nobody was doing intake. So that was a new thing that came in 2000. And it created the container based inherited permissions, which was new for that stage. Before that it was very static, there wasn't inheritance, there wasn't assertions. Then they introduced that and they've slowly built it, and then it just got too big and old, and really the database that MT's on is just vulnerable to all these attacks. And that's primarily why they want people to get off it. There's about four or five open attacks that make it very easy to both intercept the credential requests, and also attack the database itself.

The ability to speed up delivery is a nice benefit, because rather than having external dependencies there's a certain guarantee that if you use anything within that technology platform. Whether it's full of applications, or various other things, there havee already been regression tests by the vendor. And you don't see the same defects that you get when you have integrated systems.

The fact that it's an ecosystem in itself is probably the best one. It fits into the whole Microsoft stack. Everything this year is all about stacks, and I tend to agree. The inter-operability  and complexity of things these days is just too big. These things change too much. So you don't really want to be stuck between three technology stacks that are changing. If there's a defect, you won't know which one it's in. Trying to hold the service provider to account is quite hard. I'd probably say, yeah, stay with the stack if you can.

I guess price would be the thing, and some of the proprietary lock-in. But, I guess documentation and support would be good.

The features are fine. I wouldn't suggest any features because you can keep adding to it. But, its simplicity is that it works under its own ecosystem. It's nice and reliable. If you start adding all these extra things to it, it'll probably cause complications with some of the legacy things that are still slowly just hanging onto them. But, to look at more documentation, engineering, or an open standard would be nice.

It's like any technology. It appears that if it did have stability problems they don't really exist anymore in the same way. It's like any introductory development technology. Because its identity, it has to be perfect. It is either secure, or it's not, and unfortunately there's a million ways for things to go wrong and there's only one way for things to go right when there's no give. You do see a lot of issues with it at the beginning.

It is mathematical. So, it's like most things. Took a while to get the XAML certificates and all that sort of stuff working. But,now it's a very common thing. You get a session certificate on your phone when you're doing things. When you join a session on your browser on your mobile phone. It's just very common things now.

I'd say there's about 5,600 users of this solution in our organization.

There are set rules. But, it's a security mechanism. If you try and get your swipe card pass for your office, and then you try and integrate it with one across the road, they're literally being designed not to integrate with each other by design. This is because if you want it secure, you don't want to have it integrate. The same thing works with changing the posture of something after you've initiated it. Expect this sort of behavior.

The tech support is OK. I'm talking more about the engineering structure of it. As I said, you can understand why security things have a tendency to not document it, because it's one of those things. Do you want more people to review it and make it harder, or do you want to covet it and reduce the exposure of it?  It's catch 22. You're damned if you do, damned if you don't. Doesn't matter which way you go.

We have prior experiene with Novell. 

It's easy in its essence, but part of the ease is like anything that seems easy is generally complex when you try and fix it because you've skipped over so many configurations. It's like a wizard that you go, "Yep, it's done." And then it breaks, and you say to yourself, "Oh, hang on, I clicked one button. How could I have done that differently?" It's a lot more stable than it used to be. They've got into a maturity plateau where they're not developing it anymore within for reasons of functionality and the product doesn't really break much.

There's no such thing as a "free lunch." If you'd save money here, it costs money there. If you pay more upfront, you pay less when you get off. The market equals itself out, like a free market. So, it generally does. It's more about convenience at the end of the day.

As a user, I'm not an owner of the tech, so as a consumer, even if I am a specialist, I still don't own the technology. I just want to lease it, subscribe it and make sure that the owners of it are able to meet the facilities of it in its life-cycle.

There's a couple of other options on the market like Okta, and a few things like that. They're quite simple, and because they're separate from the whole Microsoft ecosystem, they do have some benefits in that they're completely focused on only that product and only that requirement. With Microsoft, they're like an octopus. They have so many different requirements and priorities that sometimes they don't invest all their energy into the products that you have expectations to investigate.

Last year Microsoft had said that the onsite Active Directory ,as we know it, is going to be deprecated. So that means group policy, that means security groups, the NTLM and all that  we've relied on for so long is going to come to an end with this modern management philosophy. That's why I did those group policy changes. From group policy, which is essentially the ability to control the operating environments of managed devices, rather than that, Microsoft wants only a mobile device management policy. So it's pretty much a HTTPS or SSL assertion to manage devices off the domain, and they will all come from Intune.

So, they're not going to be managed by a set of static policies. They're going to be set by a whole heap of compliances. Does that make more sense? It's not conforming. It's when you assert yourself, and us for a particular requirement from the domain. They check your requirements per request, which takes the load off the environment quite a bit. So they only validate you when you ask.

It's a lot easier to get an engineer to understand the Microsoft stack then some esoteric random "Joe." There's just are not enough people in the field.

You're better off creating a pilot tenant on your own. You can set up one that's free using one of their 30 day trials, and while you're doing that try and make it as realistic as you can to the environment you're coming from. Make sure that it is true in terms of network, commissuib and integration. If you're going to use a MDN for mobile device management, or you're going to use applications for the federated sign-ons. Try and get as much as you can in it. You've got 30 days and they're quite liberal with allowing you to trial it.

Most of the capabilities are there internally. You can't expose external DNS names or anything and use it as an external platform, but internally you can. So spin up a VM or something internally and do the same things you would. I'd dare say: test it and prove it. You've got to prove it to yourself before anybody. I wouldn't trust anything from a brochure or anything else. Your reputation's on the line. You're doing something important for someone else and you've got to verify it yourself and put it through the paces. Spend enough time doing proof of concepts and pilots.

It's a very good solution.  You can manage your entity's enterprise identity using Azure Active Directory, and again, you can do several administrative activities. You can also use your Power Shares sorting and interfacing the endpoint.

It helps us with maintaining enterprise identities and integrating enterprise in those applications are some of the assignments.

We do have an expanded feature. We have captured video, so that other people can get their hands on getting used to it. That is, they can get used to the platform and implement it from the beginning.

We find the Integration accessory integration the most valuable feature. You can have your application integrated with an actual directory. You don't need to do much code, you can use interfaces and it's a direct integration. So, no need to worry about the requirements of your application.

The licensing cost is a bit prohibitive.

Less than one year.

I have not encountered any issues of stability with the product.

It scales as far as it depends on the contract. So, it is useful, with plenty of management capabilities. It is pretty flexible, scaling, you can scale in or out as per your requirements.

I have not contacted tech support.

It is a very straightforward implementation, and you pay as you go. It depends on your number of users, number of applications integrated, and how you prepare your topologies (the arrangements of the network). So, it is pretty much flexible. You can custom tailor it as per your business and target , business implementation and requirement. 

I have some prior experience with Oracle Unified Directory, as well. It is a less compliant directory service. 

In comparison, Azure Active Directory is mostly used with tighter integration. In most of the cases, enterprises are using Office 365 for the communication site online. If you have a requirement like integration with Office 365, then Azure Active Directory is a perfect solution. If you want to integrate other applications or workstations, you can use any compliant directory that works.

We primarily use this solution for tracking authentication.

The quantum we are using is probably the authentication The security-based factor of authentication.

The most valuable feature is the factor identification. I find that it is natural integration, and it is just a natural step. I do not need to do anything else.

I think there is room for improvement with actually discussing, and advertising Microsoft as a an authenticator. Many people just get confused and use Google. It's weird because it's exactly the same way that it works. But it's there, it's definite region to start the people is more used to use their the Google authenticator instead of the Microsoft authentication. I think if Microsoft would make more of an effort to penetrate the market, that would be key.

In addition, it would be nice to have a biometric authentication like voice ID, or any of your medical ID. This would be a nice additional feature for Azure to have.

We experienced the aset surge that happened a month or so ago. There was a storm that broke one of the data centers in south-central. The functionality of active directive for Microsoft support was in shortage.  It took a day to return back to functional use.

The solution is scalable for our needs.

I have not needed to request technical support. All of the Microsoft guides are really good and are very helpful.

I know more about Microsoft than any other technology, that's why I didn't look for any other competitors.

It was a very straightforward initial setup. To be honest, we are a pretty small company so for us it's one portal and everything is there. It's not that complicated.

I like it, I love it and it works fine.

Anyone who moves to Azure must have Azure Active Directory.

Azure Active Directory is identity management.

It's something we have to deal with every day. It is present. If you're in a domain environment, you'll need it to log in. If you work in a Microsoft-centric environment, you can't avoid it.

It's in the background and anyone who is a member of a Windows domain must have it.

Many people believe that the Azure Active Directory is overly complicated and antiquated.

Active Directory Windows hasn't evolved that much in over 20 years. Azure Active Directory, has a few nuanced elements. It's fairly straightforward.

I have been dealing with Azure Active Directory for well over 25 years.

Azure Active Directory is very stable.

Azure Active Directory is quite scalable.

When you've been dealing with a piece of technology for 25 years, it's simple, but the public perceives it to be complicated and antiquated.

Active Directory is a Windows component that requires a per-user license. If you're on Azure, it can be free or it's incorporated,  at no extra cost, or it can become extremely complicated.

If there is a cost, it is not expensive, but you have to have it if you are running an Active Directory environment. It's a have to have, not a nice to have.

We are partners with Microsoft.

I would rate Azure Active Directory an eight out of ten.

The active directory on Microsoft Azure is similar to the corresponding system for an on-premise active directory.

I have no issues with Azure Active Directory.

Our users and clients are migrating from on-premises solutions to cloud-based solutions. As a result, they do not require on-premise service. 

What I like is that I can go anywhere, at any time, and to any client premise, and I can simply log in to the admin panel and can serve any of my clients.

Instead of using Team Viewer, you connect to their local service, which is centralized. I have got the Microsoft exchange, and have access to Microsoft Azure. I can check the workstations, and perhaps soon I will be using Microsoft Intune and the Microsoft Defender enterprise. Even if I am not on the premises, I will be able to check and secure my workstations.

I don't have any major problems. I don't use it in a way that requires a lot of resources.

The main issue is that because Active Directory is in the cloud, it will inevitably be dependent on internet connectivity.

It would be beneficial if Microsoft could make it lighter so that it requires fewer resources.

Better pricing will help us market it more than having it on-premises.

Azure Active Directory was implemented one year ago.

For the time being it has been stable. I have a small number of clients, and no hybrid system. We chose those clients with a maximum of twenty users. We don't want large clients so that we can implement one system in one location, and roll it out the same way to all of the clients.

In total, I have 10 clients, five of those are now users of Azure Active Directory.

By the end of the year, we hope to have all of our clients using Microsoft Azure.

New clients are immediately placed on Microsoft Azure.

The Microsoft team in Mauritius has been extremely helpful in implementing systems and resolving issues. We have small clients who have not been faced with many issues.

We deploy the M365 business premium services and a couple of months ago we started to implement 365 Defender. It is a cloud-based solution.

We're new to it. For the time being, we are only using the antivirus component. We haven't used Intune yet. We are not using the entire package. We are only now going to put such solutions into action.

Microsoft Azure was implemented a year ago, and is only used for the creation of users and emails, group emails, and shared boxes, but my clients are mostly lawyers. So, the primary uses are online email exchange and word processing.

We are trying to implement Microsoft Azure more and more.

Azure is the central point. Microsoft Azure is replacing my on-premises service.

The installation is rather straightforward.

We had some assistance from the local Microsoft team.

Licensing fees are paid on a monthly basis.

When I calculated the price, it appeared to be nearly the same as the on-premise server. 

Better pricing would attract customers to use the cloud.

We haven't had to deal with any major recovery issues.

We have had Excel and Word files that were simply recoverable. We backup the server, but nothing more serious than that.

We are Microsoft centric solution providers.

We have very small clients, companies with 20 to 30 users of Excel, Word, and the internet. We deploy Microsoft 365 platforms, not much in the way of large software applications.

I would recommend this solution to others, and I am already promoting it. 

I am suggesting that all of my clients migrate from on-premise active directory to a Microsoft view because, with the current COVID, many of our users work from home. I just wanted to point out that almost all of our users work from home. They are currently working on the roaster. Half of the company works from home, while the other half works on-site. Having active and SharePoint, is really assisting them in working from home.

I would rate Azure Active Directory a nine out of ten.

Containerization is mainly what I've been dealing with lately. I've been trying to provide solutions with Active Directory and cloud resolutions so that Edge services can communicate properly to the main data centers.

We use Active Directory for global authentication.

The advantage of Azure Active Directory is that it's a cloud environment, so just about anybody can get to it. As long as you can get to the cloud, you can get to the internet. You can authenticate offshore resources to client services, which is what my present company does. That kind of authentication is much more advantageous as an Active Directory solution.

If you want to replicate a website at the frontend in Azure, it's very easy to do it globally.

As soon as you authenticate to the web storage, where you hit the frontend, then you can redirect to whatever resources locally that are duplicated.

It doesn't function the same way as Active Directory inside of a physical infrastructure. Even VMware Active Directory doesn't function the same way in the cloud. Cloud is all flat. That's one of the disadvantages. You can authenticate through Active Directory through Federated Services, but it's mainly like an IIS web frontend and bulk storage.

It's all record based.

I've dealt with Azure Active Directory for about three years.

It is a cloud solution.

Stability-wise, it is much more secure and stable than AWS. Oddly enough, a lot of people think that AWS has many more regions and sites. It's actually not true. Azure has far more. There's a good reason why the government jumped right on Azure and uses it for their internal resources.

It is very scalable.

Microsoft technical support is very responsive. If you buy the enterprise package, then when you call them, they will jump right in and help you out.

When one of our clients had a ransomware outbreak, Microsoft helped them solve quite a lot and helped them get up and running.

The initial setup is very straightforward. Microsoft is very good about helping you get things set up, and they're very responsive.

We evaluated AWS AD. AWS support will provide bits and pieces, but Microsoft will jump in and help out. Of course, you have to pay the price for the corporate support, but who wouldn't want that, especially when your whole environment is a Microsoft environment.

It works really well, and I would rate it at nine on a scale from one to ten. You need good training, and Microsoft will provide that for free as part of their package.

We are using it for authentication. We are using GPOs for user and computer policies.

The central authentication server is most valuable. GPOs are useful for user and computer policies.

Its price should be improved. It is very expensive for Turkish people.

We have been using Azure Active Directory for about six months. This is a new company, and we started to use new IT solutions. We bought a lot of IT solutions, equipment, and tools. 

It is stable. 

At the end of the project, about 1,200 people will use this solution. We don't have any plans to increase its usage.

We didn't use Microsoft's support. We have mostly Turkish or local solution partners for any help. 

I didn't use any other solution.

It was not easy. It was also not difficult. It took about a month.

We used a solution partner for its deployment. For maintenance, we would have about 10 engineers for 1,200 people.

It is very expensive. Its price should be lower. Price is the most important factor for Turkish people. 

This is the best solution for authorization. I would rate it a nine out of 10.

We are using the solution primarily for demo purposes. We use active data cases from Microsoft. You can run different kinds of virtual machines and different kinds of services. We're currently using it in production.

It's very smooth and very easy to use. 

The performance is good. 

The product is stable.

It's quite scalable.

The initial setup is not complex.

We would like to see more system updates. They should happen more frequently.

I've used the solution for a while. 

The stability has been good. There are no bugs or glitches. It doesn't crash or freeze. It's reliable. 

The solution can scale if you need it to.

About350 people use the solution in our organization.

Their support is not great when you are using cloud solutions, however, when you are using cloud solutions, it's very smooth and very effective. We haven't had any issues. 

I'm not sure if a different solution was used previously.

The installation was not complex. It was pretty simple and pretty straightforward.

The deployment is pretty fast. It takes ten minutes, at a maximum, to set up.

You only need one person for deployment and maintenance. 

I didn't need the help of any third-party integrator or consultant. I was able to handle it myself. 

The solution is pretty affordable. Sometimes you can get a Microsoft voucher to get some sort of discount.

I'd rate the solution a ten out of ten.