Azure Active Directory Pros and Cons

Azure Active Directory Pros

Martijn Verbrugge
Manager Infrastructure & Architecture at BDO Global
It has been very instrumental towards a lot of services we run, especially on the single sign-on side. For example, we have 160 countries that all run their own IT but we still are able to provide users with a single sign-on experience towards global applications. So, they have a certain set of accounts that they get from their local IT department, then they use exactly the same account and credentials to sign into global services. For the user, it has been quite instrumental in that space. It is about efficiency, but also about users not having to remember multiple accounts and passwords since it is all single sign-on. Therefore, the single sign-on experience for us has been the most instrumental for the end user experience.
View full review »
Tom Aafloen
IT Security Consultant at Onevinn AB
Using [Azure AD's] passwordless technology, you're not even using a password anymore. You're basically just creating a logon request without actually sending or typing or storing the password. This is awesome for any user, regardless of whether you're a factory worker or a CFO. It's secure and super-simple.
View full review »
Jonathan Stewart
Director, Infrastructure at a retailer with 10,001+ employees
This product is easy to use.
View full review »
Learn what your peers think about Azure Active Directory. Get advice and tips from experienced pros sharing their opinions. Updated: June 2021.
510,534 professionals have used our research since 2012.
DM
reviewer1548177
Product Manager/Architect at a consumer goods company with 5,001-10,000 employees
It enhanced our end user experience quite a bit. Instead of the days of having to contact the service desk with challenges for choosing their password, users can go in and do it themselves locally, regardless of where they are in the world. This has certainly made it a better experience accessing their applications. Previously, a lot of times, they had to remember multiple usernames and passwords for different systems. This solution brings it all together, using a single sign-on experience.
View full review »
Bharat Halai
Global Head of Identity and Access Management at Adecco
It is one of those costs where you can't really quantify a return on investment. In the grand scheme of things, if we didn't have it, we would probably have a lot more breaches. It would be a lot harder to detect issues because we would have people using static usernames and passwords for various sites, making us open to a lot more attacks. The amount of security and benefit that we get out of it is not quantifiable but the return of investment from a qualitative point of view is much higher than not having it.
View full review »
NadeemAkhtar1
Principal Service Engineer at a energy/utilities company with 10,001+ employees
Azure Active Directory provides us with identity-based authentication, which secures access at the user level and also integrates with conditional access policies and multi-factor authentication helping to increase the identity security for that person. So, the hacking and leaking of passwords is a secondary problem because you will not authenticate a person with one factor. There is a second factor of authentication available to increase the security premise for your company.
View full review »
HUGOMARTINEZ
IT Manager at a renewables & environment company with 201-500 employees
For some applications, it's not only working for authentication but it's also being used to apply roles for users. From the management perspective, it's much better to have this because in the past we constantly needed to go into the console of the different solutions and create or delete users or modify their roles and permissions. Now, with Azure Active Directory, we can do that from a single point. That makes our management model much easier.
View full review »
SM
technica888012
IAM / IT Security Technical Consultant at a retailer with 10,001+ employees
Single sign-on provides flexibility and helps because users don't want to remember so many passwords when logging in. It's a major feature. Once you log in, you have access to all the applications. It also enables us to provide backend access controls to our users, especially when it comes to groups, as we are trying to normalize things.
View full review »
SunilKumar14
Information Technology Specialist at Self-Employed
The most valuable feature is Identity and Access Management. As an IT administrator, this feature allows me to manage access for users and groups.
View full review »
Anthony Alvarico
Deliver Practice Director at DynTek
The solution's ease of use is one of its most valuable features.
View full review »

Azure Active Directory Cons

Martijn Verbrugge
Manager Infrastructure & Architecture at BDO Global
We have a custom solution now running to tie all those Azure ADs together. We use the B2B functionality for that. Improvements are already on the roadmap for Azure AD in that area. I think they will make it easier to work together between two different tenants in Azure AD, because normally one tenant is a security boundary. For example, company one has a tenant and company two has a tenant, and then you can do B2B collaboration between those, but it is still quite limited. For our use case, it is enough currently. However, if we want to extend the collaboration even further, then we need an easier way to collaborate between two tenants, but I think that is already on the roadmap of Azure AD anyway.
View full review »
Tom Aafloen
IT Security Consultant at Onevinn AB
The Azure AD Application Proxy, which helps you publish applications in a secure way, has room for improvement. We are moving from another solution into the Application Proxy and it's quite detailed. Depending on the role you're signing in as, you can end up at different websites, which wasn't an issue with our old solution.
View full review »
Jonathan Stewart
Director, Infrastructure at a retailer with 10,001+ employees
When you start to deal with legacy applications, provisioning is not as intuitive.
View full review »
Learn what your peers think about Azure Active Directory. Get advice and tips from experienced pros sharing their opinions. Updated: June 2021.
510,534 professionals have used our research since 2012.
DM
reviewer1548177
Product Manager/Architect at a consumer goods company with 5,001-10,000 employees
The thing that is a bit annoying is the inability to nest groups. Because we run an Azure hybrid model, we have nested groups on-premise which does not translate well. So, we have written some scripts to kind of work around that. This is a feature request that we have put in previously to be able to use a group that is nested in Active Directory on-premise and have it handled the same way in Azure.
View full review »
Bharat Halai
Global Head of Identity and Access Management at Adecco
Some of the features that they offer, e.g., customized emails, are not available with B2C. You are stuck with whatever email template they give you, and it is not the best user experience. For B2C, that is a bit of a negative thing.
View full review »
NadeemAkhtar1
Principal Service Engineer at a energy/utilities company with 10,001+ employees
There is a concept of cross-tenant trust relationships, which I believe Microsoft is actively pursuing. That is something which in the coming days and years to come by will be very key to the success of Azure Active Directory, because many organizations are going into mergers and acquisitions or spinning off new companies. They will still have to access the old tenant information because of multiple legal reasons, compliance reasons, and all those things. So, there should be some level of tenant-level trust functionality, where you can bring people from other tenants to access some part of your tenant application. So, that is an area which is growing. I believe Microsoft is actively pursuing this, and it will be an interesting piece.
View full review »
HUGOMARTINEZ
IT Manager at a renewables & environment company with 201-500 employees
From time to time it takes a little bit of time to replicate, with some of the applications—something like five to 10 minutes. I know that the design is not supposed to enable real-time replication with some of the applications. But, as an administrator, I would like to run a specific change or modification in Azure Active Directory and see it replicated almost immediately.
View full review »
SM
technica888012
IAM / IT Security Technical Consultant at a retailer with 10,001+ employees
An area where there is room for improvement is the ease of use of the dashboards.
View full review »
SunilKumar14
Information Technology Specialist at Self-Employed
At the free or basic level of service, Azure should provide identity protection features including single sign-on and multifactor authentication.
View full review »
Anthony Alvarico
Deliver Practice Director at DynTek
Transitioning to the cloud is very difficult. They need the training to make it easier.
View full review »
Learn what your peers think about Azure Active Directory. Get advice and tips from experienced pros sharing their opinions. Updated: June 2021.
510,534 professionals have used our research since 2012.