Microsoft Entra ID Reviews

My organization uses Microsoft Entra ID for some people who access Azure, especially for people who need Azure for different things. My organization deals with people transitioning from a standard data center environment into a cloud-based one to meet their needs. My organization has certain conditional access to certain people because we have access to government and cloud services or a commercial environment, along with different versions of each of those across different groups. I would say that most of our organization's work is just giving conditional access to people and occasionally vendors, but nothing too absurd.

I don't want to say that the product hasn't improved anything for my organization. The problem with the solution stems more or less from the fact that technology is moving ahead, and my organization needs to try to keep up with the changes, which makes it a new way of doing things that will be applicable to the future. Maybe if we could transition to certain things faster, I would have seen the product's full benefits. Since the areas of transitions related to the solution are slow, I haven't experienced the full depth of what I can do with the product.

The most valuable feature of the solution is its ability to delegate roles to each individual resource, which is great. I think the aforementioned feature is better done in the solution itself than with an actual local AD.

I wish transitioning from Microsoft Active Directory to Microsoft Entra ID was a little easier, and I didn't have to learn so many new concepts. I faced difficulties from Micorosft's end and during the transition from Microsoft Active Directory to Microsoft Entra ID. Sometimes, some of Microsoft's documentation could be a little outdated. The product doesn't meet the organization's niche requirements, especially in our environment. Microsoft Entra ID is not a very standard product.

When I think about the trade-off I have had to go for to get the aforementioned feature, it does annoy me. For me, I can't mirror accounts with the solution. I need to consider that we have so many groups and subscriptions, and I can't just see a blanket of their different individual roles in every single resource if I create an account for someone who takes over a job in the organization. In the solution, some people might have specific roles in one resource, which might be the only thing in there. With Microsoft Entra ID, I can't view every instance, and I have to go one by one subscription all the way down, which is a huge pain when you have 400 to 500 subscriptions. The aforementioned aspects can be considered for the improvement of the solution.

I have been using Microsoft Entra ID for the last five years, but not at its full capacity because, in our organization, we have to ensure that we help with the migration process of different governmental agencies piece by piece since we are a multi-cloud, multi-tenant, multi-forested environment. My organization is a customer of the product.

When it comes to the technical support for the product, I have a representative who works for me, making the support good since I can have him put under fire. I have had some issues with the tool. The IT security audits that come under Microsoft Services Hub are something we needed in Microsoft Gov cloud, and there's only a certain region of Microsoft Gov cloud that supports it, meaning you cannot use Microsoft Services Hub on it, which is all fine as you just have to run it either for by line or you have to run it from within Azure's portal. I had three separate calls with Microsoft's technical support about it, and it was the third tech person who told me after looking at the ticket raised by my organization with the support that the support team had not even finished adding our ticket to their list, which to me was like an organizational issue. Apart from the aforementioned issue I faced with the support team, I feel everything else has been fine. I wouldn't go around saying that Microsoft offers bad technical support.

I rate the technical support a seven out of ten.

Neutral

As the product already existed before I joined my current organization, I was not involved in its deployment phase. I have some past experience with the deployment processes of Microsoft Entra ID and Microsoft Active Directory. The deployment process of Microsoft Entra ID was easy, and it is not anything different or terrible.

The time for deployment of the tool depends on the client or the project my organization deals with, and a lot of the clients I have worked for are pretty small teams. I haven't had to do too much in terms of deployment.

My organization hasn't considered switching to a different product, but I know that we have some AWS environments with IAM solutions.

It is easy to use the solution's offering of a single pane of glass for managing user access if you have experience with Azure for a while. During the transitioning period, the depth that revolves around the concepts of blades in Azure can be annoying, especially while attempting to relearn the new places where everything is stored. It feels like Microsoft invented a new language for their new system, but a lot of it is just like an updated version of what it was. I have many people at work who have never heard of Microsoft Entra ID and claim to use Microsoft Active Directory without realizing they are the same. Microsoft Entra ID is just a new version of Microsoft Active Directory.

As a product that offers a single pane of glass, it works great and offers consistency to our organization's security policies if I consider the little or limited Azure we have.

My organization hasn't implemented the tool over 900 other devices yet, so I don't know how it will work after that.

Microsoft Entra Verified ID is good when it comes to privacy and control of identity data. Regarding Microsoft Entra ID, my organization sees a lot of contractors and vendors that come in, which gives us confidence or at least ways to sell it to politicians who have confidence that we can do something.

My organization uses Microsoft Entra Permissions Management, but we are not too in-depth into it. I feel Microsoft Entra Permissions Management is nice. I believe that Microsoft Entra Permissions Management helps reduce risk surface. I don't like one of the top-level tenants in the product. As the product goes down into different resources or subscriptions, I see that agencies own them. Sometimes, I feel my organization's offerings look good, but when I dig into the offerings of other agencies, I realize that we are not good.

The time-saving capabilities of the solution experienced by IT administrators or the HR department in my organization have been more or less the same.

I haven't seen the budget in a way that can help me figure out if using the solution in my organization has helped save money.

I rate the overall tool an eight out of ten.

I use it to manage users and devices in my environment. 

I'm also using it to control access to different services that we have and to manage and register applications. It is used to control access to applications that we use in our company. I do a lot of applications in Azure Active Directory, and then I also have a hybrid configuration in my environment. I'm able to sync my on-premise users in the cloud so they can have the benefit of cloud infrastructure while maintaining access control to provide them access to the services that they need in Azure.

The product provides very good time savings. It also allows for a high level of security.

We get alerts when something has happened and it's easy for me to find the issue. It makes it easy to reset passwords. 

We have all the security features in one place and we have log analytics and diagnostics as well. It's very good for identity governance. 

We have an unlimited number of users that we can register. We can register more than five hundred thousand objects. That is wonderful for us.

We can have an audit and we can easily audit logs. I'm able to know when the user logged in and what program they used. I can track everything. I can see activities and denial of access. 

I can create many users at one time using Excel. When we have a lot of people that join, I can just use Excel to perform the deployment of the platform by creating a user. It makes onboarding easier. 

We can manage access and onboarding by teams. It allows us to maintain privilege identity management.

The Entra admin center is also fabulous. 

The product provides a single pane of glass for managing user access. Everything is there. I can monitor from there. I can create a single sign on from there. I can create MFA (multifactor authentication) directly from the portal. I have more than two thousand devices that I manage and I can do everything centrally. 

The single pane of glass affects the consistency of the security policies we apply. It is easy for me to have access to the panel, and I can have a great view of what is going on in my Active Directory. I have a security score. I have the number of groups, number of applications, and number of devices right in front of me, in one place. This makes it easy for me to monitor it and check everything. 

There are good tutorials available for learning more about the product.

We are using the conditional access feature. We also leverage multi-factor authentication so that we can verify users by phone number, for example. It helps us verify effectively. The conditional access feature works well with Microsoft Endpoint Manager.

We use the verified ID to onboard new employees efficiently. We can now onboard in less than 30 minutes. It's also great for privacy and control.

The employee user experience has been positive. When they submit a ticket, it gets resolved in less than 15 minutes. It's very impressive.

I haven't had any issues with the product.

I've been using the product for three years.

The stability is wonderful. I'd rate it 9.5 out of ten. It's the best.

The scalability is good. It's very scalable. 

I've only reached out to technical support once when I was trying to access our agreement account. They set up a meeting and guided me through how to connect to it. I had a positive experience. 

I have used other cloud technologies like AWS or Google Cloud and they don't have the type of active directory where I can control everything. Azure is very powerful.

Previously, all of our active directory was on a Windows Server on-prem. Managing it was not easy. Finding user accounts, going to log in to the Windows server, going to log in to the active directory, et cetera, that previous process was too long. Now, it's easy. Now, you can log in and you have everything in front of you. 

With the old system, we needed to configure it and we were using Okta and we had a combination of many, many tools to be able to get results. Now, we can assign the role directly from OneClick, and we can also use the PowerShift LiveGuard template and it's easy. 

The product is easy to set up. You can set up an entire organization in one day. 

There is no maintenance needed. Microsoft takes care of everything. We just make sure that we check the synchronization. Even if there is a sync error, we will receive a notification. Usually, it fixes itself and syncs every hour.  

We handled the setup in-house.

We've saved more than 20 hours per week. The product is saving us a lot of time. It cut time spent by 45% to 50%. It's also saved us money as we only pay for what we use.

We pay monthly, and we only pay for what we use.

We are a Microsoft customer. 

I'd advise potential new users to read the documentation and make sure that they know what they are doing before they begin providing access to users. If they don't follow the requirements of their company before creating users, they could have a data breach or provide the wrong access.

You can have a centralized solution that provides secure access. You can manage everything from one portal. Azure makes it easy.

I'd rate the product ten out of ten.

We are a university using Azure AD to authenticate staff, faculty, and students. Our organization completely depends on Azure Active Directory for authentication and identity-related features. All cloud activities and third-party services are validated with Azure Active Directory.

We also have an on-premises Active Directory, and the data is synced periodically to the cloud. Most of the services done on-premises are reflected in the cloud at once. We can also do the same handling features from the cloud to write back to the on-premises AD. This is the architecture.

We are implementing more and more services in the cloud on Azure and AWS, so we need to monitor our data security thoroughly. It's always a concern. Azure Active Directory enables us to easily validate the identity of anyone who connects to a particular server. We need to validate our data properly. For example, we must ensure our research data is going to the right person and place. Microsoft Azure Active Directory provides the easiest way to do that.

The Conditional Access feature lets us restrict access to a group of people on specific servers. We create a group in the Azure Active Directory and put only the necessary members there. For example, we can easily set up conditional access to SSH, Telnet, SSH, HTTPS, or any service with Azure Active Directory. 

We plan to implement Zero Trust in many of our other devices. It is an essential feature because users from multiple countries are accessing our research servers. We can provide a highly secure environment with minimum services without compromising productivity with a Zero Trust strategy.

We have wireless units deployed across the campus and use Microsoft AD services to authenticate all wireless activities. Many of the use cases are covered by wireless. After authentication, some users need to be redirected to the cloud. Their identities can be easily validated and captured with Microsoft AD. It gives us excellent control over our on-premise infrastructure.

Verified ID has helped us with our remote workforce. We provide VPNs to our remote employees so they can connect to our cloud services, authenticate with Azure, and be granted the necessary access. We provide policies for each user basis. Users in each category connect to the VPN, authenticate with their Azure credentials, and securely access all the cloud services.

We give provisioned laptops to our remote employees. With the help of this VPN, they spend less time coming to work in person because they have full-time access from home. So that way, we could reduce most of our official requirements concerning our employees. 

Privacy is a crucial security concern for our organization. With Verified ID, we can ideally authenticate Microsoft services without worrying about compromised identities. We used to have these issues with on-premise Active Directory, but this is less of a problem since we migrated to Azure Active Directory.

Our HR department can easily get a complete report on our users. HR can see specific fields, like designation, school, businesses, etc., if they need it from the Azure AD. They can also get the usage logs. They don't need to store all this manually for each person. They can easily get all the reporting parameters from this.

Azure AD saves us a lot of time. On any given day, it will save around four hours. It also saves us money because we don't need to pay for the resources required to have Active Directory on-premises. If we relied on on-premises Active Directory, it would require data center resources, like air-conditioning, power,  hardware, etc. We save considerable money by deploying it on the cloud. Percentage-wise, I think we could save around 40 percent. 

Azure Active Directory has improved our overall user experience. I would rate it a nine out of ten. Our users are delighted.

Azure Active Directory's single sign-on feature has been helpful because users don't need to authenticate again and again each time they access it. Users only need to sign in the first time, and Azure handles everything. We haven't experienced any errors or security-related issues in the past four years. Many people use our protection servers from outside, requiring multi-factor authentication. Each authentication is logged precisely.

In addition to the SSO, Azure AD is entirely flexible. We have other Microsoft services running on-premises, so Microsoft Azure AD allows us to sync other Microsoft services completely. This is perfect for us.

Microsoft Entra offers a single pane of glass for managing users and cloud services on multiple platforms. It all requires authentication and validation of user data, so Azure AD helps us to authenticate each user's identity without any security compromises. 

Microsoft has an excellent administration portal that enables us to sync our on-premise Active Directory automatically with the cloud. Any on-premise policy changes are reflected on the cloud. There are various options for each user on the admin portal. You can change user passwords and other attributes or configure a policy for forgotten passwords. A writeback feature can also reflect changes from the cloud to the on-premise environment. If you change the password from the cloud admin center, it gets reflected here.

Microsoft Azure AD Connect has a multi-factor authentication. Multi-factor authentication is a crucial feature, but we only require MFA for specific servers in the cloud. With Microsoft Azure AD Connect, we can specify the users and servers that require multi-factor authentication.

Azure Active Directory integrates well with other third-party applications. Third-party hosted solutions have the option. We can even create applications with Microsoft Azure AD. When users log in to Microsoft Azure AD, their credentials are stored in the application, and we don't need to get them on-premise Active Directory. So, it is an essential feature for us.

Microsoft services and most familiar third-party applications are currently supported, but we can't find many other platforms that integrate with Office 365 or Azure Active Directory. Microsoft should develop connectors for different applications and collaborate more with other vendors to cover a broader range of applications.

We have been using Azure Active Directory for four years. 

Microsoft services have a reputation for complete reliability, so we expect the same from Microsoft Azure AD. It doesn't disappoint because most of the on-premise features extend to the cloud. Plus, Microsoft Azure AD has additional features, configuration, and single sign-on capabilities. It's a complete package for this authentication and validation purpose. Most of our users are pretty happy with this product.

Azure AD is completely scalable. We can add unlimited users.

I rate Microsoft's support a ten out of ten. Microsoft technical support is excellent

Positive

Previously, we have used on-premise Active Directory.

Setting up Azure Active Directory was a bit complex. The migration process is somewhat challenging because we don't want to lose any on-premise data. Each user has many parameters and access policies already set. Without even changing the password, we were able to sync all this data to Microsoft Azure AD. It was a complex procedure because Azure AD Connect has to be deployed correctly. We required help from Microsoft's technical support to do this.

Our initial deployment required three system admins and took around one week, but it took around six months to import all our users and get everything working properly. After deployment, Azure AD doesn't require any maintenance because everything happens in the cloud. We don't need to bother with anything.

The return on investment is pretty massive. We save time and money. It helps us even if we opt for a subscription. We save a considerable amount of time with the cloud version because it has various features unavailable in the on-premises Active Directory that save time for the system administrators. We can concentrate resources on hiring other staff instead of system administrators. All the features are within the cloud itself, so it reduces the maintenance costs of an on-premise server. 

Active Directory is bundled with a package of Microsoft services, so it doesn't cost much. I don't know about the individual license of Active Directory. 

I rate Azure Active Directory a ten out of ten. I would prefer Azure AD to have multiple application scenarios requiring a single sign-on facility and complete authentication, validation, and security tracking. 

If they require it in their application, even if it is an on-premise or a host application, I would prefer Microsoft Azure AD because it handles all this simultaneously. No other application covers a complete range of activities in an all-in-one solution. 

We use the solution to cover Microsoft 365 licenses.

We strive to provide our users with the easiest and fastest way possible to access. Most users view the single pane of glass as a feature that is beneficial. However, the security policy is more difficult to implement and must be managed and measured by the administration.

I give Entra Admin Center for managing all identity and access tasks in our organization an eight out of ten.

We use the Apple environment. When we tried to implement Azure Active Directory in our service, it was a bit difficult. So, we chose to use an alternative such as Okta. However, Azure Active Directory is very valuable because it connects with Apple School Manager itself. I would rate Azure Active Directory an eight out of ten.

Entra saved us about one hour per month.

The overall employee user experience with Entra is a seven out of ten.

We use Active Directory to manage our Microsoft 365 licenses. The solution is very easy to use. We conducted some tests to connect this with our MBM through the identity tools, which was also very easy. We just had to follow a few steps, but we needed to be more technically prepared.

Active Directory is easy to maintain due to our control of identities. We have a controller in place to maintain and clean the Active Directory, providing new identities and removing those no longer in use.

The most valuable feature of Azure AD is its ability to connect with services outside of Microsoft, although documentation is necessary to properly implement these connections. Azure AD is a reliable and well-tested solution, so it is arguably the most popular of its kind. While Azure AD may not be the easiest to use, it covers a wide range of areas.

Using Microsoft Endpoint Manager is not difficult. We must select two out of six or eight options for Entra's conditional access. To avoid invading privacy, such as requesting a phone number or personal email, we must opt for validation via an app.

Microsoft Entra Verified ID is straightforward, but the only option to apply is to install it on our mobile device.

Microsoft Entra Verified ID is an option we offer to employees, but most of them opt to use other identification methods instead of installing the app on their devices.

I give Microsoft Entra Verified ID's privacy and control of identity data a six out of ten.

I don't feel the Entra admin center offers a single pane of glass for managing user access because we have to use more resources and it is not user-friendly.

The user sign-on experience was ultimately satisfactory, but the process of finding the best configuration was somewhat arduous due to the protection of licenses or access; the users were confronted with strict instructions on how to log on and were required to select two options to do so, such as providing a cell number or personal email or using an app to connect and verify the two steps. This was not easy for the users to feel comfortable with.

The implementation of the conditional access feature was challenging due to our users' unfamiliarity with this type of login. Managing it was difficult.

The solution can improve the educational portion because it is an administration cost.

I have been using the solution for two years.

The solution is extremely stable. I give the stability a ten out of ten.

The solution is easily scalable. I give the scalability a nine out of ten.

The technical support is good.

Positive

The initial setup was straightforward. We had Microsoft's support within our company, and the local provider in Mexico was very easy to use. We only used this part for Microsoft 365. Connecting with our MBM provider was the same process and easy to do due to all the documentation; we simply followed the steps.

One person was used for the deployment.

The implementation was completed through a reseller.

We have seen a return on investment.

The pricing for Azure Active Directory is affordable; I would rate the cost a six out of ten. As an educational company, we have access to very good discounts on the solution, making it even more affordable.

When comparing Okta and Entra as authentication services, Okta is the market leader and is my preferred choice.

I give the solution a nine out of ten.

We must go through the test and assess how users can be more comfortable using the combination. The administration area is the most difficult, as our users have to install an application on their personal cell phones or provide a number, which is challenging. Our staff is quite particular about privacy.

New employees may not be aware of the backend efforts to protect licenses and secure information when we ask them to use Microsoft Entra Verified ID. This is not intended to be intrusive, but when we ask a user to install the Endpoint on their personal cell phone, they may be hesitant and not want to be inconvenienced on a personal level. They would prefer the onboarding process to be easy and not involve these methods. They just want to enter a simple password and move on.

I recommend looking for documentation on Azure, as it is a huge service with great potential and can connect to many other services. Learning about Azure is very interesting.

We're using Azure Active Directory to get authentication from Office 365, and along with this, we're using it for infrastructure-as-a-service authentication. For all the virtual machines hosted on Azure right now, we're getting authentication from Azure Active Directory.

In addition to these, we're using some other SaaS or software-as-a-service products such as SAP Ariba and SAP SuccessFactors. For these specific products also, I have integrated single sign-on via Azure Active Directory.

We're also using e-procurement solutions such as Tejari and SAP Ariba. To get authentication of my guest users, who are my partners, vendors, or external collaborators, we create their guest accounts on Azure Active Directory. They come into our applications through that. We get a secure channel to provide access to the external parties on our tenant through Azure Active Directory. These are the basic use cases of Azure Active Directory.

After moving to Azure Active Directory, life becomes very easy, not only for the administrator and IT people but for the end-users as well. They've now got a single sign-on. Previously, our end-users had to remember multiple account IDs and passwords, and they had to enter the relevant account ID and password for each application, whereas now, they have a single identity across all the applications provisioned in our landscape.

It's helpful for security and compliance. Security is a big concern right now, and we're very sensitive about it. I am from the Oil and Gas sector, and this is something that's very critical for us. Additionally, we have external contributors, such as partners, vendors, and technical consultants, who need access to our resources from outside the organization. Azure Active Directory provides some very good features for that such as guest user access and limited user access. 

It has default integration with all Microsoft products such as SharePoint, Power BI, Power Apps, Power Automate, and obviously, the infrastructure as the service landscape of Azure. This integration is surely amazing.

Conditional access is amazing. I have a success story to share for the conditional access feature. About six or seven years ago, we identified a cyber attack that was coming from certain IPs from Nigeria on our tenant, and through that, some of our users were compromised. We blocked all Nigerian IPs using Azure conditional access and saved our users. It was something amazing and life-saving for us. 

The conditional access feature complements the zero-trust strategy. It makes our environment more secure. It makes our environment more reliable as far as the whole security landscape is concerned.

We use Microsoft Endpoint Manager. Initially, we were not using it, but later on, we started to use Microsoft Endpoint, which was previously known as Microsoft Advanced Threat Protection. Implementing secure policies of Microsoft Endpoint, advanced threat protection, and conditional access provides us with a very safe and kind of sandbox environment. This combination protects us from those who are accessing our environment from unpatched devices, pirated applications, and applications with security loopholes.

We're also using Microsoft Intune to save our corporate devices and provide a secure zone for our users to access corporate resources and applications.

Personally, I'm a great fan of Azure Active Directory due to the security and compliance features that are there in the classic or default Azure Active Directory. 

The conditional access feature is absolutely great through which we provide access to users on the basis of a certain device, a certain geographical location, a certain set of IPs, or any other criteria that we can define via a set of rules. 

The auditing of Azure Active Directory is fantastic, and its integration with Cloud App Security is something amazing because we can get complete visibility of our environment through Cloud App Security. It also helps us a lot with our yearly audits and monthly reporting.

There is a lot of room for improvement in terms of its integration with the local Active Directory. There are some gaps in terms of the local Active Directory through which Microsoft is syncing our environment from our data center. There should be the availability of custom attributes on Azure Active Directory. In addition, there should be the availability of security groups and distribution groups that are residing on the local Active Directory. Currently, they are not replicated on Azure Active Directory by default.

There should also be a provision for Azure Active Directory to support custom-built applications. 

I've been using this solution for the last 12 years.

It's very stable.

It's very scalable. It's being used in companies with 64 users as well as in companies with 16,000 users. For both companies, it's working perfectly. It's a very good product.

My environment is based on multiple things. We're using Office 365 in the software-as-a-service mode. We're using Azure infrastructure in the infrastructure-as-a-service mode. We have integrated our Azure Active Directory with multiple third-party solutions such as Oracle Aconex, SAP S4HANA, SAP Ariba, SAP SuccessFactors, and Tejari. Along with this, we're providing authentication services to our third-party or external vendors, contractors, and guest users through Azure Active Directory. It's in hybrid mode. It's in the private cloud, software-as-a-service, and infrastructure-as-a-service environments. There are multiple environments.

Back in 2010 or 2011, when Microsoft launched it initially, it was very good, but since COVID or post-COVID, the quality has reduced significantly. Before COVID, it was very good. We would normally get very good engineers on call. We got support from the European zones, but since COVID, their support services have been significantly compromised. The quality of engineers or the quality of SLAs is not up to the mark. 

I was one of the people here in Pakistan who started the cloud. Microsoft has published three case studies of mine on the cloud during the last ten years. Over the years, I've seen that the overall support model of Microsoft Cloud has been compromised. I'd rate their support a six out of ten. 

Positive

We were using the local Active Directory previously. From day one, we've been die-hard fans of Active Directory. Until 2011 or 2012, we used the local Active Directory that was hosted in my own data center, and now, because we're in a hybrid environment, we're managing local Active Directory, and we're managing Azure Active Directory. We're managing both.

We got Azure Active Directory because we moved to Office 365, public cloud, infrastructure as a service, and software as a service. We needed a single sign-on and integration with some third-party cloud products such as SAP Ariba, SAP SuccessFactors, and Tejari. 

Last month, we did the very first integration in Pakistan with Oracle Aconex. It's one of the biggest engineering document management suites in the world. We integrated Azure Active Directory with EDMS, which was really commendable. It was something that was done for the first time in Pakistan.

We're using Azure Active Directory with Office 365, which is a public cloud. The same Azure Active Directory is integrated with Azure infrastructure's private cloud, so the same Active Directory is serving in multiple scenarios. Through the same Azure Active Directory, we have integrated with the custom applications that are hosted on other public clouds such as Oracle Aconex, SAP S4HANA, SAP Ariba, SAP SuccessFactors, and Tejari. So, we're using it in the hybrid mode to sync our local Active Directory. From that hybrid mode, it's providing authentication to the users for Office 365 and it's providing services for the users who are using Windows virtual desktop. On the other side, for the third party, we're also using Azure Active Directory.

I deployed it myself. The initial setup was complex when we were implementing it around twelve years ago, but now, it's very simple. When we started this journey, it took us six months to integrate our local Active Directory with Azure Active Directory. We worked with three different partners. Two of them failed, and then Microsoft Pakistan got involved with us. Through their Dubai-based partner, we successfully integrated our Azure Active Directory with our local, on-premises Active Directory. We got success with the third partner, but overall, it took us six months. Nowadays, the hybrid configuration and the integration of Azure Active Directory with the local Active Directory is a piece of cake.

In terms of maintenance, because it's software as a service, Microsoft is managing it for us. We don't take any backup, etc. It's just managed by Microsoft.

We got a very good ROI when we compare it with what we were using around ten years ago. It's a much improved and cost-efficient product in terms of cloud provision.

It's pretty good. We're using the native features. It's bundled with our Office 365 licenses. We aren't paying anything extra for Azure Active Directory. It's pretty good for us because it's complementary to Office 365. We're only paying for Office 365.

We checked Google Suite. We checked its identity mechanism, but it was not as per our requirements.

It's a very good product. It's a stable product. I'd highly recommend it.

Overall, I'd rate Azure Active Directory a nine out of ten.

We primarily use the solution for most of our enterprise identity management. 

It's improved our company through the security policies. It's helped improve our security posture. 

It's pretty easy to implement. In most of the apps nowadays, it has the ability to use multifactor authentication, SSO.

The control is great. It offers good conditional access.

It helps with managing user access via one pane of glass in most cases. 

The security policies we are applying are pretty well structured. 

The solution is nice to use. Microsoft did a good job.

My assessment on Microsoft EntraID admin center for managing all identity and access as our organization. It's great. It's very well organized, pretty straightforward, and easy to use. It's not just that it's easy to use, it's very intuitive. Everything is easy to find. 

We use Microsoft Entra ID conditional access features and improve the robustness of our zero-trust strategy to verify users. 

The permission management feature is good. 

The visibility and control are very good. The whole intro ID concept is pretty intuitive. Even if you have never used this and you have some experience in IT, you will be able to handle the solution easily.

It's helped our IT department save time. It also helps with speeding up processes. I can't speak to the exact amount of time saved per week, however.

The solution helps the company save money. 

It's positively affected the employee user experience. 

It's just been renamed. That said, I can't speak of room for improvement. There may be areas that could be better, however, I haven't thought too much about that. 

I would change the device access a bit. It's very difficult. I would add some features. I would like to be able to authenticate Wi-Fi users using the Azure ID. However, my understanding is it needs to be from both sides, from the vendor that is creating devices for the Wi-Fi and for the networking part and Microsoft. 

The company has been using the solution since before I arrived. I have used it for around four or five years. 

The solution is stable. I've never seen big issues. It's pretty much a stable product. 

Sometimes Microsoft has small issues, however, nothing that would cause the entire company to not be able to work for a whole day. 

More than 1,000 people are currently using the solution. 

It is a scalable solution for sure. 

I've never used technical support. 

I've used a few different solutions. Mostly I've used Active Directory. It does the same thing; it has just been renamed. 

I was not a part of the implementation. It was done before I joined the company. 

It may require a bit of maintenance, however, it's not a task that is part of my department. 

I don't deal with pricing. It may state the cost online. 

I did not evaluate other options. 

I'm a user.

I'd rate the solution nine out of ten. I'd advise others to use it. Even the free tier has a lot of features that even a small company would benefit from. 

We use Azure AD to manage all endpoints, including laptops, desktops, mobile devices, such as iPads and iPhones, and users. We can disable accounts, create accounts, reset passwords, maintain access, and manage permissions.

Azure AD is essential to our organization. Our users need to use their Azure AD credentials to log into their computers every morning, and we also manage user accounts in Azure AD. As a result, we cannot function without Azure AD.

We use Entra's conditional access to restrict access to our system from overseas users. This means that users can only log in from Canada and the United States.

Our zero-trust strategy uses conditional access to verify users and prevent unexpected traffic, such as attacks from Russia. This makes our strategy more robust and secure.

We use Entra's conditional access in conjunction with Microsoft Endpoint Manager to limit user logins from Canada and the USA. We also limit devices that can log into the network to only those located in Canada.

Entra has helped our IT administrators save an hour of time per day.

Entra has helped our organization save money.

We used to use on-premises Active Directory. Now, we use Azure Active Directory. The main difference is that users can now reset their own passwords in Azure AD. This is a positive improvement, as it saves time and hassle for both users and IT staff. I believe that this has had a positive impact on our employee experience.

User and device management is the most valuable feature.

I would like Azure AD to provide features similar to check-in on-prem AD. The fetch-all service is the only one that is not currently available on Azure AD.

The technical support has room for improvement.

I have been using Azure AD for five years.

I give Azure AD's stability an eight out of ten.

I give Azure AD's scalability an eight out of ten.

The basic support from Microsoft is not good.

Negative

We previously used the on-premises Microsoft Active Directory. However, we have since switched to Azure Active Directory, which is a cloud-based solution. Azure AD is more flexible and scalable than on-premises AD, and it allows us to save money on hardware costs. This is because we no longer need to purchase and maintain our own servers. Instead, we can simply use the servers that are provided by Microsoft.

The initial deployment was straightforward and took two months to complete. We switched over to the new system and then set up a number of additional features, such as enterprise applications and multi-factor authentication. This took an additional month, for a total of three months. We followed the instructions from Microsoft step-by-step. The deployment required two full-time employees from our organization and three from our partner.

The implementation was completed with the help of an MSP.

We have seen a significant return on investment since switching to Azure AD. Our monthly costs have decreased from $5,000 to $100.

The price is affordable, and we pay around $100 per month.

Both Okta and Azure AD are great solutions. I know that many people use Okta, but my concern is that we are also using Microsoft products on the endpoint. This means that our users use Windows, and it makes more sense to use a front-end and back-end Microsoft solution.

I give Azure AD a nine out of ten.

Azure AD requires very minimal maintenance.

I recommend Azure AD. The solution is straightforward.

We're using the solution for our customers. It's for those that may have been on-premises and moved to the cloud when it started to become mainstream. Users wanted to transfer their users and permissions and so on to the cloud and onto Azure.

Azure is the most comfortable cloud to work with. One company we worked with had infrastructure that needed to go to the cloud, and with Microsoft, it's very easy to move. The company is flexible in terms of how you want to handle a migration or configuration. There are a lot of features that help to implement different solutions and that makes it very easy to work with. 

We are using the solution on different projects. Depending on the project, we use different features. It's great for handling user groups and security policies.

We can use it with Office 365 and Exchange. 

It provides a single pane of glass.

It's given us good consistency in terms of the user's sign-on experience.

Microsoft makes a very good product. It makes the policies quite easy and everything is quite understandable. It provides different tools to implement the same scenario.

The admin center for managing all identity and access risks across an organization is very cool. 

Verified ID is very useful for onboarding remote employees. It helps with privacy control of identity data. It makes security very easy. It makes it simple to protect the client. This feature helps IT and other teams protect the business.

We used permission management about a year ago. I had some experience with AWS. I didn't use GCP. Mostly we use Azure. In our case, when we implemented it with the current client, we didn't have any issues with it. It was clear and very simple. It has helped us in a few cases reduce risk when it comes to identity permissions.

Sometimes the client doesn't need the full functionality; they just need a small part of it - and it still works in those cases.

The product has helped us save time in IT and HR. If you create your directory with some logic, it allows you to streamline tasks. It can help more quickly handle requests. The management aspect helps simplify user interactions with various departments.

Azure has very good services that showcase how much money you are spending. It gives you advice on how to protect yourself from spending too much money. It's helpful when we have new clients. You can show them the financials from Microsoft and it will help illustrate how much it costs, and how much it will cost if you scale. It's very transparent on how much money you would spend depending on the setup. 

It's had a positive effect on the employee user experience. 

Sometimes it is difficult to understand the structure of the menu. Sometimes they make some changes in the configuration structure and you might have trouble finding a button or some functionality based on a UI update. That can be annoying. Too many interface changes can make it confusing. 

The documentation could be better. Microsoft documentation is confusing. We do not like working with documents. There is not one big website where you can find whatever you want. Instead, there are thousands of websites that cover certain parts or services. On top of that, they often have old, out-of-date information that hasn't been checked. This is the most difficult part of dealing with Microsoft. 

I've used the solution for almost four and a half years.

The solution hasn't had any downtime. Everything works perfectly.

We've had some issues with performance around scalability. When we tried to deploy in certain areas, we didn't have enough scalability. This was an unusual situation. Typically, scalability is not an issue, however. 

Sometimes we contact technical support, however, not usually during the initial setup. We tend to fix any issues by ourselves. 

Microsoft has different support teams in different countries. Who you speak to depends on what service you are using.

Automatically, your request is sent to a certain team or location. We have had a lot of issues with the Azure DevOps team, which is routed to India and the level of support is much lower. We had to have multiple calls to close a very simple task.

Positive

I have not used any other different solution previously. 

I was involved in the initial deployment. The setups are always complex. 

How long it takes to deploy depends on the client. We've done it in two days or one week. However, the main work is typically done across two days.

We tend to have two to three people involved in the implementation. 

It doesn't require any maintenance on our side. 

Typically, we always do the setup by ourselves. We handle the setups for the clients. We sometimes ask Microsoft for input.

Microsoft has various pricing tiers. 

I've read about Okta, however, I have never used it or evaluated it.

We are a Microsoft gold partner. 

I've used the conditional access feature, however, not very often.

If your company has more than ten users, you need this service. It gives you a lot of features to help manage your organization. A small startup with a handful of employees likely won't need it. However, if you have an organization with a financial department, a developer department, et cetera, it will get complicated handling access and permissions. Without this solution, you can't be sure you'll be safe - especially as you scale up your employees.

We use different models, including on-premises and cloud.

If you are a regular user, you don't need any special knowledge. However, if you are a technician, you can take exams from Microsoft and find materials about the product and really learn about it. That said, anyone can get a sense of the product simply by searching for it on YouTube.

I'd rate the solution nine out of ten.