Microsoft Identity Manager Overview

Microsoft Identity Manager is the #9 ranked solution among top Identity Management (IM) tools. PeerSpot users give Microsoft Identity Manager an average rating of 8 out of 10. Microsoft Identity Manager is most commonly compared to SailPoint IdentityIQ. Microsoft Identity Manager is popular among the large enterprise segment, accounting for 65% of users researching this solution on PeerSpot. The top industry researching this solution is computer software, with professionals from computer software companies accounting for 24% of all views.
Buyer's Guide

Download the Identity Management (IM) Buyer's Guide including reviews and more. Updated: June 2022

What is Microsoft Identity Manager?

Microsoft Identity Manager (MIM) builds on the identity and access management capabilities of Forefront Identity Manager. MIM helps you manage the users, credentials, policies, and access within your organization. Additionally, MIM adds a hybrid experience, privileged access management capabilities, and support for new platforms.

Microsoft Identity Manager was previously known as MIM, Forefront Identity Manager, FIM, MS Identity Manager.

Microsoft Identity Manager Customers

Dow Chemical Company (Dow), Whole Foods Market

Archived Microsoft Identity Manager Reviews (more than two years old)

Sr. Solution Architect at a tech services company with 10,001+ employees
Real User
A scalable solution that is easy to set up and offers conditional access
Pros and Cons
  • "The most valuable and most interesting feature is the conditional access."
  • "The information that is available for the Active Directory portal is segregated here and there."

What is our primary use case?

The primary use case is for the single migration of the user from on-premises to Azure Active Directory in the cloud. It is also used for the Microsoft authentication application for mobile devices. We authenticate on the smart device back to back so they can access their emails and other applications. We are planning to use this for the Windows 10 authentication as well as directly from the Azure Active Directory.

What is most valuable?

The most valuable and most interesting feature is the conditional access. It can provide a low formulation combination based on the extra files that we can work on to verify the solution.

What needs improvement?

The information that is available for the Active Directory portal is segregated here and there. It's not in one single location where you can see, for example, all of the security features and maybe the customization feature. In the next release of this solution, I would like to see the manageability, the web-based access to the portal, and the reconfiguration of things to be made simpler and more straightforward.

For how long have I used the solution?

We have been selling this solution for the last five years.

What do I think about the stability of the solution?

It's stable, but it's maybe a bit more challenging than I have seen in the last five years.

What do I think about the scalability of the solution?

This solution is scalable. We have plans to increase our usage in the future. The number of users varies. There can be anywhere from 10,000 to maybe more than 100,000 users, who are made up of IT, administrators, managers, and architects.

How are customer service and support?

We have been in touch with technical support. They are good. Normally they are available to assist and they are knowledgeable.

Which solution did I use previously and why did I switch?

Our previous system was based on an on-premises solution. Now, the on-premises products are integrated with the cloud, which is what made the difference.

How was the initial setup?

The initial setup is straightforward and can be deployed in one week.

What about the implementation team?

It was installed by my internal team.

What other advice do I have?

I would say that it's the best solution on the market and I would go ahead with it. I would rate this solution a nine out of ten.

Which deployment model are you using for this solution?

Private Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Samuel Calys-Tagoe - PeerSpot reviewer
IT Specialist at an energy/utilities company with 51-200 employees
Real User
A solution with good tracking functionality and security in an enterprise-level environment
Pros and Cons
  • "The most valuable feature of the solution is the fact that I can use it to track who is sending which email, who is accessing which documents or which files, etc. These tools help me improve security within the enterprise environment."

    What is most valuable?

    The most valuable feature of the solution is the fact that I can use it to track who is sending which email, who is accessing which documents or which files, etc. These tools help me improve security within the enterprise environment.

    What needs improvement?

    Support needs improvement. It is very easy to get somebody to help with the implementation of the Microsoft product itself, but when it comes to support it's a challenge as an IT team. You have to tell people, "Well we need to get back to Microsoft" and that can take forever.

    Sometimes the waiting process really gets you stuck. If you have deployed a feature in your environment and you're using it and you cannot get the necessary support to be able to get back aspects of it, then it's as if Microsoft has whet our appetite, but then we can't use it any more. It's frustrating for everyone.

    I want to be able to have access to somebody from Microsoft to be able to help me when I have challenges.

    For how long have I used the solution?

    I've been using the solution for two years.

    What do I think about the scalability of the solution?

    We have a lot of end users and a few admins. Right now, we have about 180 users on the solution.

    How are customer service and technical support?

    On a scale of one to ten, I'd put technical support at seven. There's a lot of room for improvement. What really has helped us is the reviews that are put out by other admins who have been able to resolve the same problems. You can find an identical problem and see its resolution. If you are able to access those reviews, it helps you to navigate and try to solve your problems. That's what helps a lot of the time, as opposed to speaking with an actual person from technical support.

    How was the initial setup?

    The difficulty of the initial setup is always different. It depends on which application you deploy. Some are complex, some are straightforward. If you're deploying Microsoft XG, it's quite straightforward. If you're deploying something like MGM, it's a little more confusing, and you always need somebody to help you to be able to do that. SharePoint is also a little bit confusing to handle.

    Likewise Identity Manager looks a little more confusing in terms of its implementation process. There are other products from Microsoft that are more straightforward to implement or deploy, however.

    What other advice do I have?

    Over the years Microsoft has improved a lot. We don't have problems like we used to have in previous versions. There's still more room for improvement, however. They have begun listening to their customers, and they are bringing out features that customers are asking for and if I can get that from an OEM it gives me the assurance that everyone is being taken care of.

    I would recommend the solution; however, if a person is considering implementing it, they need to have a plan. Otherwise, they might start off and only afterwards realize that there are options that weren't implemented well. It's good to always have a plan when you want to implement something new. Review it and let your team query it, so you know exactly what you are deploying.

    I would rate the solution eight out of ten.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Oupa Mpe - PeerSpot reviewer
    Solutions Architect at a tech services company with 11-50 employees
    Real User
    Secure on-premise and cloud-based workloads provide seamless authentication
    Pros and Cons
    • "The feature that I find most valuable is the security layer of the identity and access management solution. The ability to secure on-premises and cloud-based workloads and to provide seamless authentication into hybrid workloads, which is also both on-premises and in cloud environments."
    • "In terms of the identity and access management solution for on-premises environment, I think Microsoft needs to eliminate or minimize the number of workloads for the solution to run in on-premises environment."

    What is our primary use case?

    We are currently using a hybrid identity access management solution. We've got an on-premise ADFS that is running a Server 2016 ADFS farm. That is coupled to a Microsoft Identity Management Server 2016, which is then coupled to Azure Active Directory as the cloud-based identity and access management solution.

    How has it helped my organization?

    We're a partner and a reseller. We're a Microsoft Gold Partner and Cloud Platform, and we have achieved the Microsoft competency at the highest level due to our commitment to delivering successful solutions in both on-premises and cloud-based environments. So we are a Microsoft delivery partner and a Tier 2 reseller. In other words, we're reselling Microsoft licenses. 

    We're also a deployment partner for Microsoft services, meaning that we can deploy services and migrate customers and design solutions and be involved in adoption and innovation programs on behalf of Microsoft. So we're a big partner in Microsoft solutions.

    What is most valuable?

    The feature that I find most valuable is the security layer of the identity and access management solution. The ability to secure on-premise and cloud-based workloads and to provide seamless authentication into hybrid workloads. In addition to cloud-based authentication, we've also got advanced adaptive authentication with a privileged identity management feature for protecting identities.

    What needs improvement?

    In terms of the identity and access management solution for an on-premise environment, I think Microsoft needs to eliminate or minimize the number of workloads for the solution to run in an on-premise environment.

    For example, you need more instances, more servers on-premise for the whole solution to completely function. You need ADFS servers, farms application proxies, a MIM server, SQL databases, and Cluster databases, which leads to more costs in running and maintaining the solution.

    I think Microsoft should minimize the number of instances in terms of hardware and software.

    In the next edition, I prefer that Microsoft would start looking at giving the solution the ability to integrate on-premise workloads, specifically Linux on-premise workloads, with the cloud-based identity and access management solution, which is Microsoft Azure Active Directory. Currently, the provided Microsoft identity and access management solution does not have the capability to integrate with a Linux or Unix environment and the cloud-based Azure Active Directory.

    For how long have I used the solution?

    I've been using this solution for over five years.

    What do I think about the stability of the solution?

    I'm satisfied with the stability. It is quite stable these days because Microsoft updates all of its identity management solution technologies monthly. In terms of stability, I'm quite impressed.

    What do I think about the scalability of the solution?

    I'm not quite impressed with the scalability of the solution, because you need more workloads in terms of scalability. For small businesses, I wouldn't recommend the Microsoft identity and management solution for on-premises environments for SMBs, because they won't see any return on investment since they will still need to invest in hardware, which is quite costly, and also in software. Maintaining the solution in general also requires more workload and instances to operate, so I wouldn't recommend on-premises environment for small businesses.

    That is why most of my customers are enterprise customers. They will be best with a complex environment. Specifically, they will have hybrid environments that are running the on-premises MIM, Microsoft Identity Management.

    For cloud-based identity and access management solution for Microsoft, specifically the Microsoft Azure Active Directory, it's an excellent solution for small businesses. It's excellent and it's easy to scale because you don't need to be an enterprise business to protect your applications with Azure Active Directory. It's quite good for cloud-based environments.

    How are customer service and technical support?

    They provide excellent support. Now when you log a call with them they engage with you until they resolve the solution. They give you a dedicated engineer, a PSE specifically, to come and correct any issues.

    How was the initial setup?

    To be honest, the on-premise configuration is complex. You need to know what you are doing to successfully deploy the solution. You need components such as an SSL certificate. Also, you can't use a self-signed certificate. You need a certificate with a publicly known CA, such as GoDaddy or DigiCert. Additionally, you need to configure your application proxies, all your ADFS and MIM servers, and also the database servers correctly. It's quite complex, you need to know what you're doing in terms of getting the solution up to speed.

    What other advice do I have?

    My advice to someone implementing this solution would be to implement the on-premise identity and access management solution if they've got more than 1,000 identities on-premise. I strongly recommend implementing an on-premise environment in that case, or if they are a financial institution, such as a bank or underwriting institution. They also should implement the hybrid deployment, which means there would be an integration of the identity management solution sitting on-premises and a combination of the Azure Active Directory as an identity and access management in the cloud-based environment.

    For small businesses, I would recommend that they implement the cloud-based identity and access management solution, leveraging the provided Azure Active Directory by Microsoft.

    I'd give Microsoft Identity Manager a rating of nine out of ten. I'm giving it a nine because I'm looking at the hybrid scenario and more strongly on the cloud-based identity and access management solution for Microsoft. It has a lot of features; it has all the bells and whistles of identity and access management, such as adaptive MFA, intelligent graph security API, and being powered by Microsoft Graph API. Also, the multi-factor authentication is easy to set up, with a single button. For Windows environments, you just install one application API, called AD Connect, to sync all the on-premises identity to the Microsoft Azure Active Directory.

    The reason why I'm not giving it a ten is that they still need to upgrade their solution to enable a new feature to accommodate Linux and Unix identity directory specifically to integrate with Microsoft Azure Active Directory. It seems as if the company does not want to provide that capability because now they are focusing on growing their own Microsoft Azure cloud, which means they are forcing all those customers that are running the Linux or Unix environment to come and migrate or lift and shift all their Linux or Unix workloads into Microsoft Azure. I think they are focusing on growing their own environment, which is why they are not providing this capability.

    Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller and partner.
    CTO at a music company with 10,001+ employees
    Real User
    Protects our company documents and integrates with our SharePoint Global Portal
    Pros and Cons
    • "The most valuable feature is that it provides protection for our company documents."
    • "This product was only launched two or three years ago and it is still in the process of becoming stable."

    What is our primary use case?

    Our primary use case for this solution is to secure the identity of our customer. It is required for compliance and for making our systems very secure.

    How has it helped my organization?

    This solution helps in that it adds to our security.

    What is most valuable?

    The most valuable feature is that it provides protection for our company documents.

    This product integrates with our SharePoint Global Portal.

    What needs improvement?

    This product was only launched two or three years ago, and it is still in the process of becoming stable.

    We have to make use of the current feature set before looking for new features.

    For how long have I used the solution?

    Very recent implementation.

    What do I think about the stability of the solution?

    This product was launched two to three years back and it is becoming stable.

    How are customer service and technical support?

    The technical support for this solution is ok.

    Which solution did I use previously and why did I switch?

    We began using this product because we moved to the cloud. Earlier, we were using on-premise systems and at that time, this kind of security was not needed as much. 

    How was the initial setup?

    The initial setup was straightforward.

    What about the implementation team?

    We used a consultant for the deployment of this solution and our experience was ok.

    What was our ROI?

    We are not looking specifically for ROI with this product. Rather, it is used for compliance.

    What other advice do I have?

    I would recommend this product to a colleague at another company.

    I would rate this solution a nine out of ten.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Jiju Gopinath - PeerSpot reviewer
    Vice President, IT Infrastructure & Information Security at KAMCO
    Real User
    An all-encompassing solution that is stable and continuously improving
    Pros and Cons
    • "The features that we find most valuable are security, mobility, and Single Sign-On."
    • "They have to improve the User Entity and Behavioral Analysis."

    What is our primary use case?

    We work with Microsoft Active Directory, Azure Active Directory, and Microsoft Services as an identity and access management system. This solution provides privileged identity management single sign-on, so we're focusing on that.

    What is most valuable?

    This is an all-encompassing product. The features that we find most valuable are security, mobility, and Single Sign-On.

    What needs improvement?

    They have to improve the User Entity and Behavioral Analysis. They have all of these features, scattered around in different components. For example, if a user logs into a computer, from that point the behavior is not completely monitored. Windows Defender is monitoring the action, but if you go into the website, the solution is not capable of understanding it. Therefore, in the case of a user browsing a malicious website, there is no way to identify it.

    There should be a way to create a profile for each and every employee. For example, if an employee is searching websites for a job then the organization should be able to identify that and recognize that he's going to leave the company soon. Or, if the user is trying to access a confidential document then that identity should be tagged as a malicious user. You should be able to create metrics or risk levels for a particular user.

    Generally, the security features need to be improved so that they do not have to rely on other solutions. Importantly, browser behavior should be integrated. Properties such as what department an employee is in, and what resources they access, as well as the relevant correlations, should all be determined and stored.

    For how long have I used the solution?

    Two years.

    What do I think about the stability of the solution?

    This is a stable product that is continuously improving.

    What do I think about the scalability of the solution?

    It is scalable to any extent, so it is not an issue for this solution.

    There are approximately three hundred users, which are employees. Six of them are administrators, and perhaps another ten of them are privileged users who have access to various components of the system.

    How are customer service and technical support?

    I would rate the technical support a seven out of ten.

    There are different service levels. For example, an enterprise customer will probably have a special service level agreement, but for SMBs, the level is different. So in that, not all customers are treated equally.

    How was the initial setup?

    The initial setup is simple because a lot of the configuration comes from the on-premises Active Directory. It connects to various other components. If your device has to be enrolled then it is a bit complex, and you need expertise on that.

    What about the implementation team?

    Our implementation was handled by a Microsoft partner.

    What other advice do I have?

    I strongly recommend this solution. It encompasses the cloud, on-premises applications, mobility, and on-premises users. The modern enterprise encrypted license is one of the best solutions to go for because of the mobility and security for the workforce, as well as for the company.

    I would rate this solution an eight out of ten.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Venkatesh Ampolu - PeerSpot reviewer
    Principal Security Advisory Consultant and Delivery Lead at a tech services company with 1,001-5,000 employees
    Consultant
    Help users with different groups, closing different applications, access provision, and for de-provisioning access to different applications
    Pros and Cons
    • "Microsoft integration products are strong. That is what I like about the product."
    • "Instead of using the connectors from the third-party companies, they should make the Microsoft templates available with this product. If Microsoft would increase the number of the box connectors that would be helpful to all the customers who use it daily."

    What is our primary use case?

    I use Microsoft Identity Manager to help users with different groups, closing different applications, access provision, and for de-provisioning access for different applications.

    How has it helped my organization?

    I deploy the products for my different customers as an offer for my organization. We will deploy this product with 95% of the customers that I'm working with professionally.

    What is most valuable?

    With Microsoft Identity Manager, most of the time the organizations actually agree that it is a primary benefit to use them. Since Identity Manager is from Microsoft, there is the assurance that it integrates alphabetically. It also works well with the server. 

    Microsoft integration products are strong. That is what I like about the product.

    What needs improvement?

    If we compare this Microsoft Identity Manager with Okta or OneLogin, both provide multiple connectors and box connectors. Whereas with Microsoft Identity Manager, there are limits.

    Instead of using the connectors from the third-party companies, they should make the Microsoft templates available with this product. If Microsoft would increase the number of the box connectors that would be helpful to all the customers who use it daily. 

    Microsoft Identity Manager is good for using in production and increasing recruitment.

    For how long have I used the solution?

    One to three years.

    What do I think about the stability of the solution?

    The stability of the solution is very good. 

    What do I think about the scalability of the solution?

    Scalability-wise, Microsoft Identity Manager is good. It is not meant for consumers. It's meant for enterprise identity management, it is not meant for consumer identity management. 

    I have implemented for 35,000 users, 40,000 users, and 16,000 users, plus another 5,000 user base. The product can scale in terms of how many users it can hold. It is a combination of multiple admin users, employees, and contractors. Even administrators are also part of Microsoft Identity Manager, but it is a very minimal number.

    For deployment, one architect and two implementation consultants would be good and enough to deploy the solution in high-availability after recovery.

    With all the high-availability and data recovery concerns, three people would have to be required to deploy. Whereas for the support, it just depends on the user base. If it is a minimal user base we can offer any company shares per user, but if the user base is large, then a dedicated support model is required. 

    How are customer service and technical support?

    I had experience dealing with Microsoft customer support when I was working for Behold. The technical support is a little slow. They are a little slow in responding and they take their own time when offering the service. 

    I'm happy but I'm not delighted with their support. 

    Which solution did I use previously and why did I switch?

    I have deployed Microsoft for multiple customers but I haven't done the migration from One Identity Manager product to MIM. I have deployed various products. 

    I haven't migrated from any other identity manager to Microsoft Identity Manager.

    How was the initial setup?

    If we compare Microsoft Identity Manager to a cloud-based identity management solution, the initial setup is complex. 

    If you compare Microsoft Identity Manager with Okta or OneLogin and the direct cloud solutions, these are all fast solutions awaiting only minimal configuration. The number of companies for which we uniquely install Microsoft Identity Manager is a little more than what we allocate fact-based IDM solutions for overall. 

    Deployment depends on if the customer requires high availability and disaster recovery strategy, or the number of applications that we need to integrate.

    The time that it takes to deploy the solution, integrate applications, and configure the dynamic overflow typically takes around three months. 

    The deployment requires a minimum of three months and sometimes it can go up to six months. 

    What about the implementation team?

    I work for companies who provide the services as an integrator. I work as a systems integrator.

    What's my experience with pricing, setup cost, and licensing?

    Microsoft Identity Manager comes with the premium or community license. If the customer doesn't have a premium license, the reseller who sells the licenses of Microsoft to the enterprise can extend the license for the client.

    Generally, I don't have exposure towards the final figures, but I believe Microsoft is very well in line with other products in terms of pricing.

    Which other solutions did I evaluate?

    I was evaluating OneLogin and since I don't have experience with other software, I had to recommend Microsoft Identity Manager on the basis of customer requirements.

    What other advice do I have?

    The out of the box connectors need to be increased. We can integrate with multiple applications to connect together through using Microsoft Identity Manager.

    I would grade Microsoft Identity Manager at 7 or 8 out of 10. I wouldn't give it a ten because of the lack of out of box connectors. I don't see any other drawback in the product.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.