Microsoft Entra ID Other Advice

RV
Systems Administrator at Synergasia Business Solutions

I rate the solution nine out of ten. 

The admin center is very useful, but I prefer to remote into my server to do the administration that way, so I don't use it very much.

We use the solution's Verified ID and two-factor authentication, but we don't use it to onboard remote employees; all our staff are based on-premises and sometimes go off-prem, but typically, they're all in the office. We don't have remote workers as such. 

Regarding cost, I don't think the solution saved us that much, but feature-wise, it's excellent.

To others considering Azure AD, it's an excellent product. If you want stability and simplicity on your system, it's a great choice, and I definitely recommend it.

View full review »
Vinod Survase - PeerSpot reviewer
M365 Senior Consultant at a tech services company with 10,001+ employees

I rate the solution nine out of ten. 

From a security standpoint, we don't have major controls from Azure AD, but we can implement features such as MFA and Conditional Access policies to fine-grain the rules on apps and devices. We can also enforce policies where users have different sign-on requirements for the same account, depending on where they sign in from.  

We used the solution's Conditional Access feature in conjunction with Microsoft Endpoint Manager as it was a requirement for a client-side project. There were some conflicts between the two tools regarding device management, so we had to select a different approach. Conditional Access reduces the risk of unpatched devices connecting to our corporate network because it triggers the policy stating only compliant devices can log in and access resources.

Clients use different deployment methods for Azure AD, but most implement them within a hybrid environment. A few organizations are entirely cloud and SaaS-based, as they don't want the maintenance and management associated with on-prem infrastructure and prefer the security offered by the cloud.

My advice to those looking to implement the solution is to consider their primary goal and use case for the product and how they want to implement it. If you have a hybrid environment, many details about how Azure AD can fit into the environment must be figured out beforehand. Consider the costs and how the solution will help from a security standpoint over the next five to ten years, from all perspectives, including networking, security, systems management, and maintenance.

View full review »
Jay Ved - PeerSpot reviewer
Director of IT at MLSListings, Inc.

We have started using Permission Management. We have not fully rolled it out yet. We have also not used Verified ID. It is something that is a little tough to implement because the documentation is not necessarily there yet. We have just started touching the surface of it.

I would rate Entra ID an eight out of ten. It is a good product. It works out well for an organization of our size. We are fairly small, and we have limited IT resources. We are able to use Entra ID for permissions management and access management. I am trying to learn more about secure access and secure edge type of solutions that Entra has. At this Microsoft event, the demos in Demo Theater 3 have been overflowing and overcrowded to some crazy degrees, so there is definitely demand for it. Microsoft can put these demos in a larger room because there is a lot of demand for it.

View full review »
Buyer's Guide
Microsoft Entra ID
March 2024
Learn what your peers think about Microsoft Entra ID. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
765,234 professionals have used our research since 2012.
DG
Founder, CEO at a computer software company with 11-50 employees

My advice would be to talk to Microsoft or a partner of Microsoft who will deploy it for you. You can do it yourself, it is absolutely possible but seek advice. Because the more users you sync into Azure, the more you have to pay for their licenses and not everybody has to be using Azure. Sync only accounts you need to, but in all cases, I would seek advice from a Microsoft partner or Microsoft themselves. They'll be able to talk through what you actually need, what you require, and then the best way to implement that. Whether that's syncing your entire user base or whether that's syncing a small subset of them because they're the only ones that are going to consume the services required.

I have learned two main lessons from using Azure AD. First, the introduction of multi-factor authentication. It was such a marked difference in the number of security incidents we had. There was such a reduction. If you have Azure AD, switch on multi-factor authentication, not just for the admin accounts and the highly privileged accounts that can access all the bits, but switch it on for everybody. It is a pain initially, while people get themselves set up. But once it's done the number of incidents you have relating to people losing their credentials is markedly reduced. It's a massive win.

I would rate it a nine out of ten. There are some things they can improve on, but those improvements are pretty small beans compared to what they've done.

View full review »
PP
CTO at a comms service provider with 1-10 employees

Overall, I would rate Entra ID an eight out of ten.

View full review »
MV
Manager Infrastructure & Architecture at BDO Global

This solution is a prerequisite with some of the bigger Microsoft services, so if you want to use Office 365, Dynamics, etc., then you need Azure AD. However, it is also quite good to use for other services as well because they are currently supporting tens of thousands of other applications that you can sign into with an Azure account. So, it is not only for Microsoft Office, and I think that is probably a misconception in many people's heads. You can use it for many other cloud services as well as a single sign-on solution. My biggest point would be that it can be used for Microsoft services, but people tend to forget that you can also use it for many other services. In that sense, it is just an identity store that you can use across many services, not only Microsoft.

It continues to be one of our primary fundamental services around authentication, so we will keep using it in the future. We are planning to reduce the amount of custom code that we need to tie all these things together. Microsoft has a few things on the roadmap coming up there. We hope that we can decrease the amount of custom code that we need to run around this. The custom code is mostly about synchronizing identities from 160 countries to us. Microsoft will bring some stuff out-of-the-box there so we can hopefully decrease the custom code. It is a fundamental solution for us for identity and single sign-on, so we definitely plan to keep using it.

The biggest thing we learned is that the security boundaries are shifting from what used to be networks, firewalls, and data centers that you owned yourself. The security boundary is more shifting to identity in these cases because people are using cloud services. They use a single identity, and in this case, Azure identity to sign into those cloud services. You are not always controlling where people are signing in from anymore because those services live in the cloud. Where you used to have servers running in your data center, you had far more control on the network, firewalls, and all that stuff to keep those services secure. You now have to rely much more on the identity because the services are running in the cloud. You don't always have control over the network, so people can sign in from every device.

The security boundary is really shifting towards identity. Azure AD gives you a lot of options to secure your identity in a proper way. We use multifactor authentication, the conditional access piece, and privileged identity management, which are all services that Azure AD provides and quite hard to implement on a traditional Active Directory. 

I would rate this solution as 10 out of 10. It is instrumental to everything that we do.

View full review »
Sathish Veerapandian - PeerSpot reviewer
DevSecOps CISO Architect(Feature Engineer 3)- CISO Cyber Security Dept at ING

I give Microsoft Entra ID a nine out of ten.

Entra ID does not require maintenance from our end.

For someone evaluating Entra ID, it is important to understand their use case, business requirements, current solution, and expectations. The current solution is important to understand because it will help to identify any gaps that Entra ID could potentially fill.

View full review »
Ashraful Hasan Tuhin - PeerSpot reviewer
IT Specialist, Windows Security & Azure Cloud Management at Robi Axiata Limited

I would rate Entra ID a nine out of ten.

Since Entra ID is cloud-based, remote users or branches need to ensure that they have a stable internet connection to access our environment.

Maintenance for cloud solutions is generally not obligatory. This is due to the automatic functionality that activates when users are enabled. However, if a license expires, we must either seek assistance from Microsoft or renew all licenses, subsequently testing the new licenses. Occasionally, for maintenance, especially when dealing with our own custom applications and enabling single sign-on with Entra ID users, we require assistance both from Microsoft and our mitigation team. This is because each application has its own authentication method, often resulting in compliance issues. To address this, discussions with the mitigation personnel are necessary, and we may need to allocate time for aid from a Microsoft engineer. In certain instances, collaboration with Microsoft vendors from the integration team is essential. Apart from these situations, the process remains fairly straightforward.

View full review »
BH
Global Head of Identity and Access Management at Adecco

Be prepared to learn. It is a massive area. There are a lot of features offered by Azure AD. It works well within the Microsoft realm but also it can work very well with non-Microsoft realms, integrating with other parties. The fact it is Microsoft makes life so much easier, because everyone integrates with Microsoft. Just be prepared to absorb because it is a big beast. It is also a necessary evil that you need to have it. The advantages outweigh the disadvantages of having it.

The learning curve is both steep and wide. You can only focus on what you can focus on with the resources you have in your organization. It is such a big product and changing all the time. This means that you need dedicated people to be on it. There is a lot of keeping up with what Microsoft puts out there with Azure AD, which is great. This makes its feature-rich, but you need to be able to learn how it integrates into your business as well.

What Azure AD does for my current organization is sufficient, but we are probably not adopting most of what Azure AD has. We do not have it at a mature place at the moment, but we hope (over the next couple of years) to get it up to the latest and greatest.

It is an integral part of using Microsoft stuff, so we are not going to move away from it any time soon. If anything, we will ensure that everything is on Azure AD and authenticating users use Azure AD. That part will still take some time to do. Like most large organizations who have been around for a long time, we have legacy to deal with and some of that legacy does not support Azure AD. So, we are working towards that.

If you come from a company with legacy technology, then there will be a lot of business and technological changes for you to make.

The adoption of Azure AD B2C is progressing somewhat well. That is something that we just started in the last couple of months. We are having more of our products being onboarded into it. We will be moving other implementations of Azure AD into the one Azure AD implementation, and it has been great so far.

I would rate it as a nine out of 10. I would have given it a 10, but it is impossible for something to be perfect. The product does itself a disservice when there is an impact due to downtime, which we have had over the years. Because you rely on it so heavily, you can't afford for it to go down for a few minutes because then there will be user impact. 

View full review »
EB
Azure Cloud Administrator at Randolph Brooks Federal Credit Union

We are a Microsoft customer. 

I'd advise potential new users to read the documentation and make sure that they know what they are doing before they begin providing access to users. If they don't follow the requirements of their company before creating users, they could have a data breach or provide the wrong access.

You can have a centralized solution that provides secure access. You can manage everything from one portal. Azure makes it easy.

I'd rate the product ten out of ten.

View full review »
DG
Senior Azure DevOps Engineer at SoftServe Ltd.

We are a Microsoft gold partner. 

I've used the conditional access feature, however, not very often.

If your company has more than ten users, you need this service. It gives you a lot of features to help manage your organization. A small startup with a handful of employees likely won't need it. However, if you have an organization with a financial department, a developer department, et cetera, it will get complicated handling access and permissions. Without this solution, you can't be sure you'll be safe - especially as you scale up your employees.

We use different models, including on-premises and cloud.

If you are a regular user, you don't need any special knowledge. However, if you are a technician, you can take exams from Microsoft and find materials about the product and really learn about it. That said, anyone can get a sense of the product simply by searching for it on YouTube.

I'd rate the solution nine out of ten. 

View full review »
LD
Microsoft Azure Active Directory Support Engineer at Tek-Experts

I would recommend Azure Active Directory to everybody. I would recommend others to use it to easily manage all the users. If you are dependent on an on-premises server, those servers may fail. Some people have too many old servers. If you move to the cloud, you don't have to worry about hardware maintenance.

Microsoft offers several ways to keep your data safe on the cloud. For example, you can choose replication. That means that your data will be at two different data centers. You can have your information at two different locations, such as in the east of the USA and in the west of the USA. If you are paying for higher services, all your information can also be in another country or region. So, all the information that a company may have in Azure will be protected if something catastrophic happens, which is something very important, especially for large companies. 

The improvements to the platform are constant, and the feedback that the customers provide to Microsoft is taken very seriously. They have a feedback page where the users can request new features or existing features that they are not happy about. Microsoft takes into account all these requests, and I see the response from the backend team or developers. I can see how they provide new products or good information about what they are doing right now to improve the services. Most of the requests are for new services and ideas, and most of those ideas are seriously reviewed. I can see that over the last few years, how many of these requests have become a part of the platform. So, you see improvements everywhere. There is also a change in Office 365, which will be soon known as Microsoft 365. They're changing the experience, and they are also changing the licenses to include more products. So, changes are constant. I am not saying this because I work for Microsoft. I have also worked for Amazon, and I see similar structures. They are making changes all the time.

Every day, I see the requests of customers and the response from Microsoft to those requests. When all these improvements are added to the platform, for those of us who are on support, the cases become easier to manage. It gets easier to provide solutions because we have more options to resolve the problems, and the customers also have more options. 

There are times when customers don't realize that the platform has changed and the services they used don't exist anymore. Usually, we provide support through Microsoft Teams and remote sessions. So, we go there, and we explain to the customer that they can do this because the platform allows them to select this and then do customization. So, everything is flexible. The customers sometimes are very surprised because they don't know that the platform has changed so fast. The experience of providing support becomes very nice when a customer is amazed by all the new features. They had been working in the old way, and they didn't know that they now have many options on the platform. In such cases, it is a very satisfactory experience for the customer and also for us. In some cases, it takes about 10 minutes, and the problem is solved. The customer becomes very satisfied with the solution.

I would rate it a 10 out of 10. I can't tell how happy people are when they call and are looking for such a service, and they realize that it already exists. They just didn't know about it. This rating is not based on the experience that I have in working with Microsoft; it is based on the experience of the customers I work with.

View full review »
Arun Govind - PeerSpot reviewer
Subject Matter Expert - Azure Identity at LTIMINDTREE

I would rate Microsoft Entra ID eight out of ten. I deducted two points due to the limitations concerning the connectivity of services for Android and other operating systems.

View full review »
RT
Cloud Architect at a financial services firm with 10,001+ employees

My advice for anybody who is considering Azure Active Directory is that if they are going to use other Microsoft services, like Office 365, then it's no brainer. It's the perfect solution for situations like this.

If you're using a different stack, like Google, and you choose a different cloud provider like Google or Amazon, then if you are using Microsoft, it is still good to use Azure Active Directory. The costs are relatively cheap compared to others.

However, if you're not using Microsoft products, then I would suggest that you could look to other vendors like Okta, for example. I had quite a few good references regarding Okta and the Ping Identity products. Ultimately, you are free to choose but from a cost perspective, Microsoft is great.

I would rate this solution a nine out of ten.

View full review »
Dumebi Chukwuemeka - PeerSpot reviewer
Cloud Security Engineer at a non-tech company with 10,001+ employees

I would rate Microsoft Entra ID a ten out of ten.

In the global identity management space, roughly 70 percent of organizations, in my experience, utilize Entra ID. One key reason for this adoption stems from the prevalence of on-premises Active Directory. Many organizations have long relied on this on-premises solution, and Microsoft's decision to replicate its functionality in the cloud, resulting in Entra ID, made the transition seamless for existing users. This familiar interface and consistent experience significantly eased adoption, leading to the 80 percent user utilization rate for Entra ID within my organization.

View full review »
Gabriel Avendano - PeerSpot reviewer
Senior Application Support Engineer at Sika AG

I'd rate Azure Active Directory a 10 out of 10.

View full review »
MR
IT Engineer at United Nations

I would rate Microsoft Entra ID nine out of ten.

Microsoft Entra ID is utilized throughout our entire environment. It serves as a singular identity provider for all aspects of our operations, including servers, applications, endpoints, and even external applications. For instance, we can authenticate third-party applications using Microsoft Entra ID.

The required number of personnel for maintenance depends on the size of the organization and the quantity of Microsoft products in simultaneous use. For instance, if we have Microsoft Entra ID solely for email and SharePoint online teams, and there are around five thousand users. In this scenario, I believe that dedicating approximately three to four individuals to Microsoft maintenance would be reasonable.

I recommend Microsoft Entra ID. Microsoft Entra ID can be utilized for third-party applications like AWS and Google as well. It's user-friendly, allowing us to authenticate the products or applications of our interest, even if they are not located in the same place as our origin; nonetheless, they will function seamlessly.

View full review »
Oscar Iván Mejía - PeerSpot reviewer
Database and Systems Manager of the IT department at Humanitree

I give the solution a nine out of ten.

We must go through the test and assess how users can be more comfortable using the combination. The administration area is the most difficult, as our users have to install an application on their personal cell phones or provide a number, which is challenging. Our staff is quite particular about privacy.

New employees may not be aware of the backend efforts to protect licenses and secure information when we ask them to use Microsoft Entra Verified ID. This is not intended to be intrusive, but when we ask a user to install the Endpoint on their personal cell phone, they may be hesitant and not want to be inconvenienced on a personal level. They would prefer the onboarding process to be easy and not involve these methods. They just want to enter a simple password and move on.

I recommend looking for documentation on Azure, as it is a huge service with great potential and can connect to many other services. Learning about Azure is very interesting.

View full review »
Antonio_Russo - PeerSpot reviewer
Principal System and Security Engineer at a insurance company with 201-500 employees

We use a hybrid approach on-prem. We have some log applications and some legacy applications that require us to have an active directory as a primary identity source of view. This means that we ship our identity to the cloud, however, we don't have a vice-versa mechanism. 

I'd advise potential new users should investigate by creating a POC free of charge. Microsoft offers free credits for POCs. These can be extended for a certain amount of time.

I'd encourage anyone to contact a Microsoft representative and set up a POC and get training material and really evaluate the product first. Once you use it, there's no going back.

I'd rate the solution eight out of ten.

View full review »
Christophe Humbert - PeerSpot reviewer
Security Architect at CloudsWizards.com

Make sure to use MFA and conditional access wherever possible.

Overall, I would rate Microsoft Entra ID a nine out of ten.

View full review »
Mangesh Parjane - PeerSpot reviewer
Senior System Administrator at Company3

I rate the solution nine out of ten, and I recommend it. 

View full review »
Prateek Agarwal - PeerSpot reviewer
Manager at Indian Institute of Management Visakhapatnam

Overall, it is a very good solution if you are hosting your applications in Microsoft Azure and you have multiple applications that need a single sign-on process. Azure AD is one of the best solutions on which you can rely, and I highly recommend it.

On a scale from one to ten, I rate Azure AD at nine.

View full review »
KP
Azure AD Identity and Access Management Engineer at a healthcare company with 10,001+ employees

I would rate Microsoft Entra ID a ten out of ten. I enjoy using Entra ID and I see the benefits of using it.

No maintenance is required, except for occasional log reviews.

View full review »
Prateek Walia - PeerSpot reviewer
Change and Communications Manager at a retailer with 10,001+ employees

To those looking to evaluate this solution, I would advise doing proper pilot testing to iron out any hurdles later on. It is important to take a call on whether you want to adopt the on-prem model or the cloud model. Obviously, the on-prem model is not sustainable if you're trying to secure your IT networks. The cloud model is more sustainable in that sense. I would advise taking that call right in the beginning.

I would also advise considering how to secure third-party devices. There might be third-party contractors who don't have the company laptops, but they do have company email ids to log into the company accounts from their own devices. You should work out how you are going to add those devices to the secure cloud.

I would rate it a nine out of ten. In the next version, if they can come up with voice recognition, especially for people with special needs, it will be helpful.

View full review »
IT Engineer at a recruiting/HR firm with 10,001+ employees

I would give Microsoft Entra ID seven out of ten.

Conditional Access works well with Microsoft Endpoint Manager, but there are better options, as Endpoint Manager is not the best service.

Microsoft Entra ID is an enterprise-level solution.

Microsoft Entra ID does not require maintenance, but the conventional access policy, AD Connect, and server-related ATSs all do.

View full review »
Daniel Amini - PeerSpot reviewer
Head of cloud, data, and AI at BJSS

I rate Microsoft Entra ID 10 out of 10. I would recommend it if you're using Microsoft or Azure. If not, I would still think about it because creating a tenant is free. There's only a licensing cost once you start putting users on it. 

View full review »
AB
It enterprise director at a university with 10,001+ employees

Microsoft Entra ID provides almost a single pane of glass for managing user access, but not in my organization's environment because we have a little bit of custom work to do at our end. It looks like my organization might be able to see how the solution provides a single pane of glass for managing user access in the future.

A single pane of glass affects the consistency of the security policies, as it helps reduce a lot of confusion for the IT professionals who need to work with Microsoft Entra ID. It is very confusing when IT professionals have to bounce to different URLs to find access to tools needed to do their jobs, which was an issue for me, but it looks like there have been some improvements.

I don't use Microsoft Entra Verified ID.

I do use Microsoft Entra Permissions Management, but probably not the way it is designed to be used.

The solution has helped my organization's IT admins and the HR department save a lot of time.

The solution has helped my organization save money, but I cannot quantify it.

I ardently carry out processes where I build out and test a solution and then run a proof of concept before moving to a particular product. I suggest that others who plan to use Microsoft Entra ID consider the aforementioned aspects.

I rate the overall product a nine out of ten.

View full review »
SS
Chief Digitalization Executive at a energy/utilities company with 1,001-5,000 employees

It's a very good product. It's a stable product. I'd highly recommend it.

Overall, I'd rate Azure Active Directory a nine out of ten.

View full review »
Selvakumar B - PeerSpot reviewer
Program Manager at Cyqurex Systems Ltd

Azure AD is one place where you can manage all users and devices and it's safe and secure.

View full review »
Jeff Woltz - PeerSpot reviewer
Principal at a computer software company with 51-200 employees

I rate Azure Active Directory nine out of ten. I'm sure there are some areas for improvement, but it's extremely valuable to us and the way that we operate.

Since we began to use Active Directory, I've learned a lot about industry best practices, particularly digital identity and its role in zero trust. By using a major mainstream identity provider, we're able to move toward the whole zero-trust model that's popular right now.

If you implement Azure AD, you need to consider the third-party apps you want to integrate. If they support competitors like Okta, Ping, and SailPoint, then they will almost certainly support Azure AD legacy applications. However, older software applications don't integrate well with Azure AD. 

View full review »
NA
Principal Service Engineer at a energy/utilities company with 10,001+ employees

Look at the market. However, look at it from an end-to-end perspective, especially focused on your applications and how a solution will integrate with your overall security landscape. This is key. Azure Active Directory provides this capability, integrating with your Office 365 tenant, data security elements, classifications, identity protection, device registrations, and Windows operating system. Everything comes end-to-end integrated. While there is no harm evaluating different tools, Azure AD is an out-of-the-box solution from Microsoft, which is very helpful.

Every day we are increasing the number of users and onboarding new applications. Also, we are growing the B2B feature. We try to use any new feature or enhancement coming in from Microsoft, working very closely with them. It is an ongoing journey.

Dealing with a single supplier is easier rather than dealing with five suppliers. Historically, if you have to do anything like that, then you will end up dealing with at least 10 different vendors and 10 different technologies. It is always interesting and challenging to manage different roadmaps, strategies, upgrade parts, licensing, and contracts. The biggest lesson learnt is wherever you can go with native-cloud tools and technologies, then go for it.

I would rate this solution as 10 out of 10.

View full review »
MW
Principal Consultant at a tech services company with 51-200 employees

I would rate Azure AD as a nine out of 10.

View full review »
DM
Interim Head at Division Public Education - St. Maarten

I give the solution a nine out of ten.

We have a full-time IT staff and part of their role is to maintain the solution.

Azure AD is an excellent and highly stable product. Its user interface is intuitive for those who have prior experience with Microsoft products. With some training, deployment can be carried out successfully. Our deployment experience was hassle-free, but the pre-training we received proved to be very helpful.

View full review »
Tom Kost - PeerSpot reviewer
ICT Project & Solution Manager at Kanton BS

I'm a Microsoft customer.

I'd advise any user to use MFA these days. There's not just war in Ukraine. There's also war in this kind of space and a multi-factor authentication method is a must just to make your cyber life a little bit safer at least.

I'd rate the product eight out of ten.

View full review »
JS
Director, Infrastructure at a retailer with 10,001+ employees

The biggest lesson that I have learned from using this product is that because it is a SaaS solution, it's easy to get set up and configured. It doesn't take a lot of overhead to run and quite honestly, the security on it is getting better. Microsoft continues to pump more security features into it.

My advice for anybody who is considering Azure Active Directory is that if you have Microsoft products that you are currently already using, I would definitely recommend it. This is a solution that seamlessly ties into your Office products, and into any Microsoft product, and it's really easy to manage. You can spin it up quickly, implement it, and get going right away. You are able to tie into your on-premise Active Directory as well. At that point, you can start to sync those two to manage all of your users and all of your groups in one place.

Overall, this is a good product and to me it's perfect but at the same time, nothing is perfect.

I would rate this solution a nine out of ten.

View full review »
AK
Technical Architect Lead at a tech services company with 10,001+ employees

We usually work for customers that deal with Microsoft. We're consultants, not direct Microsoft partners. 

I'd rate the solution seven out of ten.

View full review »
ElizabethHatfield - PeerSpot reviewer
Director of Business Operations & Program Management at a healthcare company with 11-50 employees

I rate the product nine out of ten, and I recommend it. 

View full review »
Sachin Vinay - PeerSpot reviewer
Network Administrator at Amrita

I rate Azure Active Directory a ten out of ten. I would prefer Azure AD to have multiple application scenarios requiring a single sign-on facility and complete authentication, validation, and security tracking. 

If they require it in their application, even if it is an on-premise or a host application, I would prefer Microsoft Azure AD because it handles all this simultaneously. No other application covers a complete range of activities in an all-in-one solution. 

View full review »
AM
Director of Engineering, Integrations at a computer software company with 11-50 employees

I give the solution a nine out of ten.

We actually integrate with Microsoft Entra and are able to add additional functionality to it. Entra does everything down to the entitlement level within applications, whereas our organization would go a little bit further and go to the object level. But from an overall user access perspective within our cloud environment, Microsoft Entra does give us visibility into what that user's assigned, based on their roles and group access.

We don't use Microsoft Entra in the way that most other companies are going to use it. We're looking at it from a strategic perspective for the security reporting application that we provide our customers. When a customer of ours would be using Microsoft Entra and they want to extend it to provide additional reporting or to actually go down and assign functions at the object level within their applications, they would use our organization to do that. I don't technically use Microsoft Entra to actually view what our users are looking at from a user access perspective.

I don't know if we use it internally at our organization, but in the majority of cases, the clients want to be able to have a place where they can do enterprise-wide identity management. And so that's what they are trying to get to with Entra. That's a question that a lot of our customers have across the board. The functionality that Entra provides is the ability to span across different either business applications or other third-party applications. The customer then has to be able to do identity-based access control from a single-pane-of-glass within our Azure AD instance.

I don't do the actual assignment within our organization from an Azure AD perspective. We extend what Microsoft Entra provides, from a feature functionality perspective. We have a separate IT team that would actually do the user creation and access assignment within Azure AD and I don't know if they use Microsoft Entra to manage all identity and access tasks within the organization.

We're a Microsoft ISV and we connect with a number of different ERP, CRM, and HDM-type systems, but we do security on compliance reporting and functionality.

We integrate with the solution. Customers that are using Entra, would or could use our organization when they need that extra level of detail. We use it for development purposes to actually create a working solution. We support that as far as when we do our reporting from our organizational perspective. I don't use Entra internally at our organization, so we integrate with it from a coding perspective. As far as features and functionality go, we integrate with it and we support it. 

We run the solution on-prem and then we sync that to Azure AD in the cloud, but it's on a normal public cloud, overall.

I think Azure AD is a no-brainer if you're a Microsoft shop and if you have other Microsoft products already. It boils down to what sort of office you're looking for. Being a development shop, it absolutely made sense to us to use Azure AD because we were already using Azure, so it could be included with that offering. If you're not a technical shop then I think you should have to look to see if it's something that you are going to manage, and how many other applications you manage within your organization from an access perspective. If you're doing that across 25, 50, or 100 different applications, then Azure AD is a great choice. If you don't really sign into too many things, then there may be more cost-effective ways out there. It depends on what your use case is.

View full review »
Srini Sigakolli - PeerSpot reviewer
Solutions Architect at a financial services firm with 10,001+ employees

Start small, then expand it. When your organization wants to add Azure AD, you can try it on a smaller scale first.

I would rate it as eight out of 10. I am unfamiliar with other products in this market. That is why I am compelled to give it eight out of 10.

View full review »
Martijn Goudkamp - PeerSpot reviewer
Professional ICT Consultant at ZenaConsult

I give the solution a nine out of ten.

The only maintenance required for Azure AD is to modify certain parts on Windows by using policies.

The usefulness of Azure AD depends on several factors such as our intended use, the current system, the number of users, and organizational size. While Azure AD is an excellent choice for larger companies, it may not be beneficial for individuals.

View full review »
AK
Product Manager at a training & coaching company with 11-50 employees

I rate the solution six out of ten. 

I don't use Azure AD's Verified ID, but I'm considering an identity management solution. I'm hesitant about which one to choose, and the choice is between a product from Okta and the one from Azure AD.

I use the Permission Management feature, which I look for when choosing an identity management product, but I'm still in the research phase with this feature.

Most of our staff are okay with the quality of the end-user experience within our organization, but it could be more comfortable to use for managers. It's a challenging solution to implement for every department or team because not everyone likes the UX, and it's pretty outdated when it comes to product document writing. I had an unpleasant experience when we had a power cut, and I lost two pages of documentation, as there is no autosave feature. This is important from a manager's perspective but less so for developers.

For those considering the solution, talk to your dev team to determine if it covers their needs. If so, use it, as it has many features and is very scalable.

View full review »
MM
Technical Manager at a non-profit with 201-500 employees

It will be a very good solution if your company is already using on-premises Windows Active Directory. Microsoft has provided a useful tool called Azure AD Connect. So, you can easily sync your on-premises Active Directory to Azure Active Directory, and you can easily implement the SSO.

Overall, we are satisfied with the solution and the features provided, and on a scale from one to ten, I would rate this solution at nine.

View full review »
MS
Senior DevOps engineer at a tech vendor with 51-200 employees

I would definitely recommend this solution. I have been using it extensively, and it works really well. It is one of the best Identity Provider solutions out there. You have all the guidance from Microsoft to set things up, and if there is an issue, their technical support is highly available. 

It has been around for a while now, and most organizations leverage Active Directory as their on-premises identity provider. This is just Azure managing your Active Directory for you. It is pretty popular and rock-solid.

I haven't used any other Identity Provider solution, which makes it hard for me to compare it with others. Based on my experience and the things that I have done and learned over time, I would rate Azure Active Directory a nine out of 10. 

View full review »
Nagendra Nekkala. - PeerSpot reviewer
Senior Manager ICT & Innovations at Bangalore International Airport Limited

Overall, I would rate Azure Active Directory a nine out of ten. It is a complete identity access management solution for security and managing all types of multi-cloud environments.

View full review »
SL
IT Manager at a non-profit with 51-200 employees

I give Azure AD a nine out of ten.

Azure AD requires very minimal maintenance.

I recommend Azure AD. The solution is straightforward.

View full review »
Dhiraj Verma - PeerSpot reviewer
Global Information Technology Manager at Kaleyra

I give the solution a nine out of ten.

Two to three engineers are required for the Maintenance. The majority of the maintenance is completed by Microsoft.

I recommend the solution to others.

We deployed the solution across multiple geographical areas.

View full review »
Amir Rashid - PeerSpot reviewer
Assistant Manager IS at Hilton PHarma

I rate the solution eight out of ten. 

Azure AD helped to save some time for our IT admins but not for our HR department, as they don't currently have access to the tool.

I recommend the product to those considering it, though it depends on the use case and requirements. If Azure AD has featured you don't need, then going with one of the cheaper competitors could be a better option.   

View full review »
RB
IT Manager at a tech services company with 10,001+ employees

My advice for anybody who is implementing Azure AD is to consider the size of their environment. If it's a large on-premises environment then you should consider a hybrid model, but if it's a small environment then it's easy to move to the Azure cloud model directly. If it's a small environment then Azure AD is also available on a free license. This is how I would suggest you start looking at having a cloud presence.

Azure AD is easy to integrate and manage, and it will reduce your capital cost a lot.

In summary, this is a good product but there is always scope for improvement.

I would rate this solution a nine out of ten.

View full review »
TM
Cloud Architect

I can't say for certain what our future plans are for Azure AD but I see it being used long-term. It has helped our organization to grow because of what we are able to do. Also, it has greatly improved our security posture because of the services that are available.

I would rate this solution an eight out of ten.

View full review »
SK
Chief Technology Officer at a healthcare company with 5,001-10,000 employees

We have a budget for Q4 2021. By Q1 2022, we are hoping to get one hospital completely in Azure by 2022.

The only way to learn about the value that Azure brings to the table is if a customer can use as an evaluation copy or license. Then, they can integrate and push the development OUs or the test OU to make sure that they can integrate with the MFAs.

I would rate this solution as an eight or nine (out of 10).

View full review »
SK
Information Technology Specialist at Self-Employed

At this time, Azure AD is the biggest cloud Platform as a Service that is available. They have 60+ cloud data centers available worldwide, which is more than any other organization. It is a service that I recommend.

My advice for anybody interested in this product is to utilize the free trial. Microsoft will not charge you anything for the first month. They will also give you a $200 credit so that you can use the services.

I would rate this solution an eight out of ten.

View full review »
CG
Sr software development engineer at a tech services company with 10,001+ employees

To those evaluating Entra ID, I would say that if you are on Windows Active Directory, just stay on it.

I would rate it a five out of ten. It is not ready yet. It needs focus by Microsoft.

View full review »
GR
Platform Enterprise Cloud Architect at a healthcare company with 10,001+ employees

I rate Azure Active Directory an eight out of ten.

View full review »
YM
Solution Architect at Komatsu

I'd rate the solution an eight out of ten. They do have an outstanding service compared to the competition. 

View full review »
JC
Identity Engineer at a pharma/biotech company with 10,001+ employees

I would strongly recommend implementing Azure Active Directory.

For new organizations, it would be best to start implementing directly on the cloud, and for our existing organizations who have on-premises solutions, it would be seamless to synchronize the on-premises user with the cloud and use that. 

I would rate Azure Active Directory a nine out of ten.

View full review »
CG
IT specialist at BMO Financial Group

Microsoft is a vendor that is always one step ahead.

The biggest lesson that I have learned is to read the documentation properly and thoroughly. Microsoft is great, but the documentation is sometimes updated and we aren't notified. This means that anytime you apply any solution, just make sure that you follow the proper guidance and always test before deployment.

I would rate this solution a nine out of ten.

View full review »
DM
Product Manager/Architect at a consumer goods company with 5,001-10,000 employees

For others using Azure ID, take cookie online training. They are widely available, free, and give you a very good idea of what path you need to go to. So, if you want to take some professional training to become a guru, then you know what classes to go take and the fundamentals that you need to take before you get into that class. So, I highly recommend taking the video term.

I come from an Active Directory background for more than 20 years. Coming into Azure was actually great. We had somebody leave the company who was managing it, and they said, "Hey David, I know you are working for this other pocket of the business. How would you like to come back to the identity platform?" I said, "Absolutely." So, it was easier for me to come up to speed in several of the advanced areas of Azure, e.g., conditional access policies. We are starting down a zero trust methodology, which has been very exciting for me.

I would give it a solid eight (out of 10). It has a lot of the features that we are looking at. I don't think there are any tools out there that will give you that one magical wand with everything that you are looking for, but certainly this comes close. Microsoft has been working with us to help us through some of the new features and additions that are coming.

View full review »
XC
Senior IT Consultant at a computer software company with 1,001-5,000 employees

We're integrators. We don't use the solution ourselves. 

We do not use Permissions Management. I'm not sure if it is one functionality or a combination of several. 

I'd rate the solution eight out of ten. 

View full review »
reviewer2102739 - PeerSpot reviewer
Hybrid Cloud Services Identity & Access Management at a financial services firm with 10,001+ employees

I rate the solution eight out of ten. 

My advice to others evaluating the product is to do good due diligence beforehand to determine a clear set of requirements, as with any identity tool or access management solution.  

View full review »
ManojNair2 - PeerSpot reviewer
Founder/Director at Augesys Solutions Pvt Ltd

You may have knowledge about the product, but when you talk to somebody else you get a slightly different perspective. Exercise that principle. Talk to one or two vendors, but talk. Spend time on the call. Understand what you want. One person might give you an idea of how you can deploy with your existing products, while another guy might say those products have these weaknesses and these strengths.

From the organizational perspective, it's not the native Azure AD components that provide value to the customer, it's more the other components. If you're a Microsoft 365 Business Premium customer, you get Microsoft 365 Defender. Along with that package, you get something called Secure Score for your organization. The beauty of Secure Score is that it gives you something of a benchmark. It says X percentage of organizations have this particular level of security score and it tells you how you can upgrade your security. It may tell you to enable something or disable a feature. After about a day's time, during which the change percolates across the organization, your security posture goes up a notch. That's a very useful tool for any organization, whatever the size.

The end-user experience is better because we don't have to have so many components on board, compared to other solutions, to do something. For example, even though Defender is a limited version in some critical aspects, it still does its job pretty well. One major benefit of having it is that we can control the policies of Defender from the Intune portal or the Microsoft 365 Defender system because it's backed by Azure AD. Azure AD plays a kind of backend role. 

It doesn't play much of a front-end role wherein I can create a policy. If I have to create a GPO, I must get the Directory Services component. Without that, I cannot create a GPO the way I would with the ordinary service. That's a critical difference. And with Microsoft, as usual, until you go digging around, you'll never know about this. I raised support queries with Microsoft and followed up with the tech support, after which I was informed that until I have Directory Services I can't do anything. This kind of clarity is not provided to the customer. Microsoft's website is really weak when it comes to providing specific details.

I would tell any organization that doesn't have Azure Active Directory today not to spend money on setting up a server and a data center and infrastructure. Simply upgrade your Office subscription, because it eventually happens. The world is divided into two major parts: Microsoft users and Google users, and there may be some percentage that doesn't use either product. If you're using these products and looking at ISO compliance, simply upgrade to Microsoft 365 Business Premium. You'll get Azure AD and then you can go about the rest of your work.

Overall, I rate Azure AD at seven out of 10. There is a huge difference in the capabilities between the on-prem server and the Azure version.

View full review »
KA
Dynamics 365 CRM / Power Apps Developer at Get Dynamics

We are a Microsoft partner.

I'm not sure which version of the solution we're using. This is an online service. As I'm a Dynamics 365/Power Apps developer, usually I don't bother to check what version of Azure AD is currently hosting on the online services.

I would advise new users, if they are using Microsoft online services, that Azure AD is the best choice for all identity and access management requirements. This is due to the fact that it is in the same ecosystem. It understands the needs of its own vendors much better compared to any other external identity service.

I'd rate the solution a perfect ten out of ten.

View full review »
MH
Enterprise Solution Architect - Security at a insurance company with 10,001+ employees

Compared to how it was five years ago, the solution is has really matured.

Make sure that business requirements are understood upfront and a design is in place before any services are deployed. Ensure the people deploying it understand the capabilities and implications of choices.

I would rate this solution as a nine out of 10.

View full review »
Mahendra Andhale - PeerSpot reviewer
Senior Test Lead at a computer software company with 1,001-5,000 employees

I give Azure Active Directory an eight out of ten.

I recommend Azure Active Directory.

View full review »
BENDER BENEDICT - PeerSpot reviewer
L3 Technical Support Engineer at SV Gaming Limited

My advice to someone looking to implement the solution is: your in-house technical support needs to understand the technology and your requirements as an organization because Azure is very robust. You need to know exactly what you intend to deploy and the requirements you intend or need. If you have that covered, Azure AD will be simple and straightforward to use. If you are able to plan and manage the users and services, it is really cost-effective.

I have identified that Azure Active Directory has a lot of features that are handy and useful. Microsoft is also constantly improving on it and it has all the required features that my organization requires. 

Azure AD is helpful and user friendly when it comes to managing identity and access tasks. It helps you manage that effectively because you have all the clouds, you have profile creation, you have all the features. Everything is easy to locate and simple to navigate.

Azure AD allows us to improve compliance for enforcing fine-tuned and adaptive access controls. It also allows us to manage access to all the applications in our environment. With it, we can create design policies that either the leader or the identify side from HR has to comply with before a particular user gains access into our environment or into a particular service within our environment.

We use Entra's Conditional Access feature in conjunction with Microsoft Endpoint Manager. We do so because one part allows for full control in the endpoint for managing access on the user and that user as an object, and then the other manages the device as an object.

This combination has the ability to reduce the risk of unpatched devices connecting to your corporate network. It will prevent a user from accessing an environment or a service space via a compromised device. If a user, for example, tries to access our network, service, or environment, via a compromised personal device, this combination will help prevent that kind of intrusion. Also, if a corporate authorized device gets compromised, that's when we find out the device is authorized to access that environment. It also helps to manage and restrict access.

Entra has helped our IT administrators and HR department save time. As a rough estimate, I would say it has cut our costs down by 20 hours per week.

Microsoft Entra has affected our employee user experience by helping to manage the end-to-end communication between user, device, and services by creating a very similar communication and very similar to the experience, which allows the user to be able to connect seamlessly to services and also to the device itself.

View full review »
NP
Head, IT Infrastructure at a comms service provider with 201-500 employees

I would rate Azure Active Directory a nine out of 10.

View full review »
Dhiraj Verma - PeerSpot reviewer
Global Information Technology Manager at Kaleyra

The people who are considering Azure Active Directory should look at it as a whole because even if their company is using G Suite, they will still have to go to Office 365 for accounting and finance users who are very familiar with MS Excel and still want to use it. I see most of the companies that are using G Suite will have Office 365 for certain services. There is no need to have two services, a single Office 365 platform will provide all the capabilities needed.

I rate Azure Active Directory a nine out of ten.

View full review »
HM
IT Manager at a renewables & environment company with 201-500 employees

As with any implementation, design is key. That would be applicable to Active Directory as well, but when it comes to Azure AD, do not start the installation unless you have an accepted design for it. You shouldn't just start creating objects on it. You need to have a clear strategy behind what you're going to do. That will save you a lot of headaches. If you start without any kind of design, at the end of the road, you can end up saying, "Okay, I think it would have been better to create this organizational unit," or, "We should have enabled this feature." It's probably not very straightforward to implement the changes. So have a team design the Azure Active Directory structure for you. You need to have the map before starting the implementation.

View full review »
Anish Bheekoo - PeerSpot reviewer
IT Lead at CMH

I rate Microsoft Authenticator ten out of ten.

We have 120 users. The solution is used daily and is required whenever a Microsoft account needs authentication to ensure that only the data owner or email owner has the proper authentication to access the mailbox or application.

I will advise people to continue using the Microsoft Authenticator because it provides security and data protection. From a cybersecurity perspective, it is beneficial to use the Microsoft Authenticator for the authentication of Microsoft products.

View full review »
Kent Nyberg - PeerSpot reviewer
Owner at Technosoft

I would rate Microsoft Entra ID eight out of ten.

We can achieve a great deal with conditional access policies; however, using the interface itself is quite cumbersome and not very user-friendly. Consequently, there are very few tools currently available that offer a well-designed user interface for managing access policies. This is consistently a highly intricate scenario.

Based on my experience, Okta functions primarily as a solution for managing customer access or customer identity, rather than being the conventional method for handling business or corporate identities. It's more focused on robustly managing customer identities. However, in my previous procurement roles, it has never been selected as the primary option. This could be due to my limited exposure to customer identity management. Thus, I find it challenging to draw a direct comparison. On the other hand, Microsoft Azure Active Directory can certainly serve as a customer identity management solution and is comparable in this aspect. However, the comparison doesn't hold true for user identity management.

The maintenance is controlled by Microsoft because the solution is on their cloud.

Organizations should refrain from exclusively using Microsoft Entra ID for all identity and access management scenarios. This is because relying solely on Microsoft Entra ID necessitates creating additional components ourselves to address aspects that cannot be readily addressed using the default Microsoft Entra ID setup. We are required to construct these components and establish phases for end users, as Microsoft Entra ID does not encompass all these functionalities. A more effective approach could involve integrating Microsoft Entra ID with another product, such as SailPoint. This combined utilization would likely result in a robust identity management solution. It's important to recognize that Microsoft Entra ID alone cannot adequately address all our scenarios.

View full review »
PS
Sr. System Administrator at FST Information Technology Pvt Ltd

It is good service and easy to use.

I would rate the solution as a nine out of 10. They should be improving the solution all the time.

View full review »
Trevor Mulanax - PeerSpot reviewer
Systems Engineer at a government with 11-50 employees

It is easy to use the solution's offering of a single pane of glass for managing user access if you have experience with Azure for a while. During the transitioning period, the depth that revolves around the concepts of blades in Azure can be annoying, especially while attempting to relearn the new places where everything is stored. It feels like Microsoft invented a new language for their new system, but a lot of it is just like an updated version of what it was. I have many people at work who have never heard of Microsoft Entra ID and claim to use Microsoft Active Directory without realizing they are the same. Microsoft Entra ID is just a new version of Microsoft Active Directory.

As a product that offers a single pane of glass, it works great and offers consistency to our organization's security policies if I consider the little or limited Azure we have.

My organization hasn't implemented the tool over 900 other devices yet, so I don't know how it will work after that.

Microsoft Entra Verified ID is good when it comes to privacy and control of identity data. Regarding Microsoft Entra ID, my organization sees a lot of contractors and vendors that come in, which gives us confidence or at least ways to sell it to politicians who have confidence that we can do something.

My organization uses Microsoft Entra Permissions Management, but we are not too in-depth into it. I feel Microsoft Entra Permissions Management is nice. I believe that Microsoft Entra Permissions Management helps reduce risk surface. I don't like one of the top-level tenants in the product. As the product goes down into different resources or subscriptions, I see that agencies own them. Sometimes, I feel my organization's offerings look good, but when I dig into the offerings of other agencies, I realize that we are not good.

The time-saving capabilities of the solution experienced by IT administrators or the HR department in my organization have been more or less the same.

I haven't seen the budget in a way that can help me figure out if using the solution in my organization has helped save money.

I rate the overall tool an eight out of ten.

View full review »
SD
Technical Architect at LTI - Larsen & Toubro Infotech

With Verified ID, things were secure. In recent news, there has been some hacking due to some developer using an email ID as opposed to OpenID, but our team did not use email IDs. Even if we were using email IDs for single sign-on, the user still needed to sign up with a password, so it was not possible to impersonate someone else.

The user experience, the interface, is very smooth. We have never had any problems with the single sign-on.

When applications are hosted on Azure, you should use the advantages of Azure AD.

View full review »
Carlos Brandao - PeerSpot reviewer
CEO at Intelliway

I would rate this solution a nine out of ten.

When we deployed Microsoft Authenticator for our clients, we initially had some requests for training. We delivered the training, and the end users could adapt to it; the transition was smooth.

The solution is extensively used within our organization.

View full review »
Michael Collins - PeerSpot reviewer
Head of Technology Service Operations at Macmillan Cancer Support

You need to make sure you've thought through how you're going to deal with your on-prem applications because having a hybrid solution like ours brings some challenges.

Ultimately, we will move completely into Azure AD, but we have a lot of on-prem applications and you can't use Azure Active Directory with them. Until we remove those applications and make things cloud-only, we will still need a hybrid solution.

View full review »
LO
Infrastructure Manager at trt18

We are integrated with NetApp because we use NetApp storage. It's pretty awesome. We are also integrated with many others, such as our data center hardware with storage from IBM. We're using it for logging switches, as well. It works really well.

My advice to others would be to look at the options and focus on how you can pay less. Do the research so that you buy just the essential licenses to keep it going. If you don't do the sizing well, you can buy more, but it's expensive to keep it going and pay for support.

View full review »
Anthony Alvarico - PeerSpot reviewer
Deliver Practice Director at DynTek

It's offered as a service. We're using the latest version. We use it with various versions of the cloud (public, private, cloud). That said, a lot of the time the organization also has already some Active Directory on-premises, and that is something that we help out with in terms of bringing them to the cloud, to the Azure Active Directory.

I'd advise new users not to be afraid to go to the cloud. The cloud has a lot of benefits, including software as a service, SaaS applications. You don't have to worry about hardware updates, or maintaining a license for different applications. Just go start small. If you're worried, start as a hybrid, which is most of the time maybe 80%, 90%. You can go from lift and shift to Azure Active Directory. If you're a new company, just go right to the cloud. It's easy. You don't have the legacy infrastructure to worry about.

Going to the cloud is as secure as ever. I feel a lot of organizations when you go to the cloud, especially Azure Active Directory, think you're sharing a piece of a rack due to the fact that it's in the cloud with Azure companies. It is a bit more complicated than that. However, the security is there. Azure Active Directory and going into the cloud has been around for 13 years. It's no longer a new or scary subject.

Overall, I would rate the solution at a nine out of ten. If they fixed little things like notifications and licensing issues, I would give them a perfect score.

View full review »
Prateek Agarwal - PeerSpot reviewer
Manager at Indian Institute of Management Visakhapatnam

Microsoft Authenticator doesn't require any maintenance. Microsoft takes care of upgrades and version changes.

My advice to others looking into implementing Microsoft Authenticator is to go ahead. I highly recommend Microsoft Authenticator to prospective buyers, especially those using Microsoft products. Microsoft Authenticator is the perfect solution for two-factor authentication.

My rating for Microsoft Authenticator is ten out of ten.

My company is a customer of Microsoft.

View full review »
BS
Systems Architect at a non-profit with 11-50 employees

Since we all use Windows laptops, choosing Microsoft Entra ID made sense. I think there's a cohesivity in what Microsoft is trying to do, and Microsoft Entra ID is a very core function of that strategy. It's easier to branch out to other security products, making it easier for us to expand that landscape.

Microsoft Entra provides a single pane of glass for managing user access.

Because of the solution's single pane of glass, we don't have to run around to multiple places, mainly to create or remove accounts. One of our biggest issues, especially in the past few years, is turnover. Removing accounts is a big issue because we don't know where everything lies. Trying to find those little corners where access has been granted and not knowing it for a year or two after the employee has left is a huge security concern for us.

Our HR department doesn't use Microsoft Entra ID yet, but the IT department extensively uses it. It saves all that account creation, and we don't have to run around to different products. The solution has saved our company at least a few hours a week. We can focus on other projects, and I can educate most of my staff who are doing it in other areas.

Microsoft Entra ID has not necessarily helped our organization to save money. As a nonprofit, we didn't have any solutions, so it probably started costing us more. However, I think it's paid off just by this security nature of things and having that single pane of glass.

Overall, I rate Microsoft Entra ID ten out of ten.

View full review »
JA
IT Project Manager at Orange España

If you are already using other Microsoft solutions for your computing, office, and enterprise applications, then Authenticator would be the best choice for you for multi-factor authentication.

It is a lightweight solution and has met the needs for which the solution was developed. Therefore, I would rate Microsoft Authenticator at ten on a scale from one to ten.

View full review »
DZ
IT Infrastructure & Tech Support Manager at a energy/utilities company with 1,001-5,000 employees

It's a very good solution, an excellent solution. It's very stable and robust. You don't need to do a proof of concept unless you have a special case, like, for example, fleet management, and have a very specialized application.

We use Entra’s Conditional Access feature but we also use other tools from other vendors. From our experience so far, we haven't had problems. Entra seems robust enough. We haven't even had one incident of malware. Of course, we have added some more tools to our cloud infrastructure for the mail applications in the network. So although it's robust enough, because we're handling critical infrastructure, as a company we decided to have more tools.

We use Intune and Endpoint Manager. Any device that is connected, even if it is a personal device, needs to be registered via Intune. We do not accept non-registered devices. 

Azure Active Directory, and Azure in general, is a very big solution that we are developing further. It takes a lot of time, but by using it, we don't need so many other resources from outside companies. We can manage everything in-house. It takes a lot of time, but it's better than other options. It has more tools and better monitoring. Those extra tools mean more time spent on it by the administrators. But it has dashboards that they didn't have before. So the administration is easier and more centralized, but you need time with all these tools.

View full review »
JO
Microsoft Teams Senior Engineer at a financial services firm with 10,001+ employees

It is pretty seamless for the end users, besides the end users having an issue setting up at times.

It is a seamless transition. It is straightforward on the admin side to set up. As a consultant, my advice to any company is that when it comes to big changes, manage end-user pain or frustration. Communicate with the end users and let them know what's going to happen. Explain to them that they're going to be frustrated, but explain why this exists. 

I understand why it exists. So, it doesn't bother me, but our end users just hate it. I understand that they don't like it. Nobody likes it, but it is needed. You are never going to meet an end user who likes any type of MFA, but you need to be more clear about its purpose.

I would rate it an eight out of ten.

View full review »
VamsiMohan - PeerSpot reviewer
CTO at HUBER

I would recommend this solution to others who are considering using it.

I would rate Azure Active Directory a ten out of ten.

View full review »
Anders Johansson - PeerSpot reviewer
Senior Specialist at Tieto Estonia

We are an integrator. We are using the latest versions of the product.

New users should know that it's quite easy to set up a sandbox environment and a free account in order to play with it. It's fairly easy to kind of set up the proof of concept.

I would rate the solution an eight out of ten.

View full review »
FN
Azure Cloud Architect at a engineering company with 10,001+ employees

Plan what you want. Think about whether you want native authentication and authorization in Azure AD. And if you want to have servers on-prem, you have to plan the kind of synchronization you want. Do you want passwords synced to the cloud or not? Instead of going headlong into using Azure AD and running into issues, the kind that require a change in access which could be problematic, plan before doing the deployment.

View full review »
AG
Solutions Owner at a manufacturing company with 10,001+ employees

Multi-factor authentication means you need to do an extra step, but that is normal because the attack surface is wider. We want to make sure you are who you say you are. That extra step impacts the end-user experience, but it's needed. The way authentication happens today is far different from 10 years ago. It may result in some added difficulty, but it is there to protect employees, organizations, customers, business partners, IT assets, data, et cetera.

View full review »
OA
Senior Infrastructure Security Engineer at a tech services company with 51-200 employees

It is an excellent solution. I would advise going for it.

I have received several complaints from different people and customers too, "Why do I have to do it two times? I want to do it just one time." However, there is a reason for it - we are increasing the security layer. That is why it takes two times, because it is organizational policy. So, they just have to comply.

Previously, admins could only release quarantined emails, so you would need to speak to the admin to release them. Now, if a user's message gets quarantined, then the end user releases it.

If you have Microsoft 365, then you have Azure AD. They go hand in hand.

I would rate this solution as 10 out of 10.

View full review »
YK
Sr Systems Engineer at a tech services company with 10,001+ employees

On a scale of one to ten, I would not rate Azure Active Directory as a bad product, I would rate it as an 8.

View full review »
DW
Managing Director at a tech services company with 1-10 employees

Overall, I would rate the solution a nine out of ten.

View full review »
Hosman Rodriguez - PeerSpot reviewer
Senior Manager Compliance at Appalachian Group

I would rate this solution 9 out of 10.

With a more complex environment, more complex tools are implemented. My thoughts are that they need to have a right and current inventory of applications that are compatible with single sign-on to properly implement that functionality, for example.

View full review »
AR
Systems Manager at a financial services firm with 10,001+ employees

We are using both the on-premises version and the SaaS version.

I would advise potential new users to learn a bit about the product before jumping in. If you are new, you need to do background research about Azure Active Directory. You also need to understand its purpose and how you want to leverage it. When you have a draft architecture in place, then you can go ahead and implement this solution. If it needs to be reimplemented, it is just a matter of five minutes.

I would rate the solution as nine out of 10.

View full review »
TO
Technical Support Engineer at Freelancer

Draw out a plan. Know what you want and your requirements. Microsoft has most things in place. If you have an existing setup or MFA agreement with Okta and other services, you can still make use of them at the same time while you are using Azure Active Directory. Just know your requirements, then look for any possible way to integrate what you have with your requirements.

Overall, this solution is okay.

I would rate this solution as an eight out of 10.

View full review »
SW
Senior Manager Identity Access Management at a tech vendor with 1,001-5,000 employees

I would rate Microsoft Entra ID a nine out of ten. It is very good.

View full review »
Maximilian Conrad - PeerSpot reviewer
Cloud Architect at a transportation company with 10,001+ employees

I rate the product a seven out of ten. 

View full review »
TY
IT Specialist at Global Biotech Products

I would recommend this solution to others. Overall, I would rate Microsoft Entra ID an eight out of ten.

View full review »
FA
Desarrollador de .NET at Banco Azteca

I am a Microsoft-certified systems engineer. I've been doing this for the last 22 years.

I'm a partner and reseller. We work with several specialists for deploying, project management, and development of solutions around Microsoft technologies.

For any customer or any client that is interested in deploying Azure Active Directory to have a full strategy for hybrid environments. They need to take into account users on-premise and users and resources in the cloud in order to have an integrated architecture and solution to best utilize the Azure Active Directory capabilities.

I'd rate the solution at a nine out of ten.

View full review »
NK
IT Manager at EPC Power Corp.

It depends on their requirements and what they are trying to achieve. One shoe does not fit all feet, so that's why it might be different from company to company. For us, it met all our requirements. It was very scalable, which is huge, and just always available. You don't have to be very worried about maintaining your own hardware, your own infrastructure, updating the servers from time to time or caring about securing your on-premise infrastructure. Azure AD is a good solution. I am satisfied with it so far and everything works great.

On a scale of one to ten, I would give Azure Active Directory a nine.

View full review »
HP
Computer engineering student at a educational organization with 501-1,000 employees

My advice for anybody who is implementing Azure AD is to study the basics. Get to learn how this access management solution works. We used Microsoft Learn and YouTube videos to assist us with doing so.

In summary, this is a complete solution for any company, but it requires some time and practice.

I would rate this solution a nine out of ten.

View full review »
VK
IT Consultant at a tech services company with 1-10 employees

There are two different Premium versions of this product available, being P1 and P2. For 99% of our customers, P1 is enough. The P2 version has some advanced features required by a small number of customers.

Overall, my experience with Active Directory has been very good. When we work in the cloud, this product provides us with almost everything.

I would rate this solution a nine out of ten.

View full review »
SM
IAM / IT Security Technical Consultant at a retailer with 10,001+ employees

It's an easy tool to explore if you have already worked with the on-premises data services. There is good documentation available on the Microsoft website. If Microsoft provided more time for new users to explore new features, that would help. Everyone could learn more and contribute more to their companies or to the projects that they're working on. But it is easy to learn.

Just be careful, because you are in the cloud. You have to be aware of access, AM, how the user is coming into their account, where the user is going and what the user actions are, and what access they have. Always try to enable single sign-on, so that if any fraudulent user comes into the picture, you can remove them as soon as possible. So enable those features for admin accounts and use privileged IT management, vaulting the password. You have to strictly follow the security standards, because it's open to the public when it is on the cloud. You have to be very careful about the project requirements, the end-user requirements, and what the business stakeholders need.

When we started with Azure AD, we didn't restrict much. Later, we restricted a few possibilities, such as users logging in with their social accounts, or email accounts like Yahoo accounts or Outlook. Initially it was open to all. Any user could invite a guest user and provide access, but later we restricted things with conditional management, and restricted users so that they could not connect to their Gmail accounts. We are coming up with more policies as well.

We have ongoing discussions with Microsoft Azure AD regarding how we can best protect our entities and what the behaviors should be. We have some more specific requirements in the company, related to project behavior. With IaaS, you have to welcome everyone. You have to put virtual machines in the cloud. You can use the password services and develop custom APIs and deploy them. 

We are trying to define our security policies as much as we can, as we are seeing many changes in the market and are trying to restrict as much as we can. Only users who are least privileged can have an all-access. The most privileged will have additional authentication. We're trying to differentiate.

We have to be very careful about the administrative part, so that operations can easily manage without any hassle. Because we don't have natural restrictions, we are trying to implement our own rules.

As we are moving to the cloud, we have to be very careful when it comes to Azure Active Directory. If there is a mistake and a random user can log in to the directory, they could have access to everything. A user should not have access to whatever he wants, so setting up the right level of authentication and authorization is important. Use IAM very effectively. Identity and access management is a powerful space where one has to be very careful in choosing and configuring policies and standard procedures. We're trying to define that and be careful when with all platforms, whether IaaS, SaaS, or PaaS. At the moment it's going well.

We are merging many things in the tenant. Before, we only had SaaS. We are trying to welcome PaaS and IaaS to use the same production tenant. We have to exercise caution for everyone, all the individual policies, groups, and service principles. We have to enable all the features that you are capable of, such as user sign-in permissions, and application sign-ins. That has to be continuously monitored.

We have a good rapport with Microsoft. We have good support. We'll be exploring all the new services, like the managed entities and their other services that have come up. We are trying our best to explore and use the latest features that are available.

View full review »
Alexandru Hagea - PeerSpot reviewer
Network and Security Lead at Accesa

I'm a user.

I'd rate the solution nine out of ten. I'd advise others to use it. Even the free tier has a lot of features that even a small company would benefit from. 

View full review »
Mangesh Masaye - PeerSpot reviewer
Manager at UPL

Azure Active Directory is a cloud-based solution in which we have done our integration with our applications.

We currently have five or six different teams using this solution. We have three people with admin rights, 3 technicians, and a technical team. Some users have admin rights, e.g. general admin rights, while some have basic rights.

Our plan to increase the usage of Azure Active Directory depends on how many new employees will join the company. It could happen.

I'm recommending Azure Active Directory to other people who want to start using it because it meets requirements.

I'm giving Azure Active Directory a score of 10 out of 10.

View full review »
JG
Cloud Systems Administrator (Servers and Storage) at University of Bath

I think that overall, using Azure AD is very straightforward.

My advice for anybody who is considering Azure AD is to look at the products, understand the role of AD, and see how it works in their environment. Then, before they roll out, test it well.

The biggest lesson that I have learned from using this product is that it helps with better organization and allocation of rights and security.

I would rate this solution a ten out of ten.

View full review »
MS
manager at a retailer with 10,001+ employees

We are just a customer and an end-user.

I'd advise those considering the solution to find a good partner to work with. You do need to have an experienced system integrator with you when you do the implementation. The integrator we brought on did a good job on our side.

I'd rate the solution at a nine out of ten.

View full review »
AB
M365 enterprise Advisor(Azure) at a tech services company with 501-1,000 employees

Since people might not be very familiar with the platform, I have developed a system for how to use, deploy, or utilize the technology.

At the end of the day, it is about the overall goal because everything comes with a cost. Azure AD comes in different ways and shapes, e.g., SaaS is different from IaaS or PaaS, though it is still the same platform. 

Whether you are a small business or large business, you can always enjoy a very secure cloud platform. 

I would rate Azure AD as a nine out of 10.

View full review »
TA
IT Security Consultant at Onevinn AB

Talk to someone who knows a lot about it. Sure, you can look at everything on the docs.microsoft.com page, but it can be hard to understand what each feature is and the value it give you. Talk to someone who knows both licensing and technology, to understand what's there and what you should pay for and what you should not pay for.

There are also a lot of good videos out there, like sessions from Microsoft Ignite. You also have the Microsoft Mechanics video series on YouTube with a lot of videos. So if you like to learn through video, there's a lot available for you. You can also go to docs of Microsoft.com and search for Azure AD. You will get like a starting page where you can learn the identity and access basics or also how you integrate apps. There is a link collection with everything and anything you would like to know. Or you can call me.

We are Security advisors. We help people, we train people, we implement it for them, we document it, we teach them, and we talk at seminars. We sell our knowledge. We don't sell solutions. There are 25 people in our company and five to 10 people are working with Azure AD. It's not that we need five for our daily operations, it's just that's how many of us are working with it. In general, a company might need one to five people working on it. If I need to set up a feature for five people or 500,000 people I do the same steps. The thing that is different in bigger companies, is that you need to communicate, you need to educate, you need to write Knowledge Base articles, you need to inform the service desk. All of those things are just to prepare users. But that has nothing to do with Azure AD. The technology is super-simple. It's more that the process around it is different in different companies.

View full review »
FA
VP of IT at a financial services firm with 51-200 employees

I would rate Microsoft Entra ID an eight out of ten.

View full review »
AO
Technical Lead at Freelance Consultant

I'm actually a customer. I have an environment in my home meaning I have a subscription that I've paid for. However, I also do consultancy based on the knowledge I currently have. I offer my knowledge to other organizations.

I would advise new users to allow open demos of cloud solutions and figure out what is on offer, what is available, or what can be made better. By doing a POC, you'll get to see resources used and what it's like to handle an environment entirely in the cloud. Organizations can consider gradually moving over or they can actually move completely to the cloud depending on what they want to do. 

I'd rate the solution at an eight out of ten. It's a good solution, especially for companies following the trend of moving onto the cloud. There's always room for improvement, however, currently, they are doing very well.

View full review »
FT
Support desk representative at a consultancy with 11-50 employees

I'm a customer and end-user.

I don't use the conditional access feature. 

I'd personally recommend the solution to anyone. I'd rate the solution ten out of ten. 

View full review »
Marios Christodoulou - PeerSpot reviewer
DB and Systems Engineer at JCC Payment Systems Ltd

I rate Azure Active Directory a nine out of ten. You should use premium licenses or Azure directly whenever possible to take advantage of the new security features since E3. 

View full review »
Rajorshi Roy - PeerSpot reviewer
Jr. System Admin at a tech services company with 5,001-10,000 employees

I would rate the solution a 10 out of 10.

I would advise potential users to familiarize themselves with the basics of the solution; how to set up an account, how to use the app etc. It's always a good idea to have a clear reason for using a particular solution, how it functions, and what role it fulfills.

View full review »
NR
Sr.Piping Engineer Construction at a energy/utilities company with 10,001+ employees

I would rate this solution 9 out of 10.

This product is very nice. It's a legacy application, so the people using it are very familiar with it.

View full review »
Ajay Kuamr - PeerSpot reviewer
Network and Computer Systems Administrator at Bahwan

I rate Active Directory eight out of 10. I think this is a good product. Most enterprises are using this. We don't currently have any plans to switch, but we're planning to migrate more into the cloud. However, cloud service is still costly, so we are working on the premiums. I would recommend Active Directory for any large-scale company, organization, or university. 

View full review »
TM
Assistant General Manager at ELEVATE Solutions Limited

I would rate the solution at a perfect ten out of ten overall. It's the best product. I'm really happy with it. 

View full review »
DN
Technology Security Specialist at a financial services firm with 5,001-10,000 employees

I would highly recommend this solution. We plan to keep using it for the long term.

It is among the best in the industry, but there is room for improvement. I would rate it an eight out of 10. 

View full review »
JS
Consultant at Upwork Freelancer

People have a tendency to keep their information in-house, but the cost of keeping information on-premises in SharePoint servers is very expensive. There is a good chance that, if something happens, they will lose the database. There is no backup. And to keep a backup, you have to pay more for a cloud backup solution to keep your data on another server. You are compromising with your data in a two-sided scenario, where one is on-premises and the other is on a data server as a backup. If you go for the cloud version of Active Directory, everything is secure and everything is in the Microsoft data center, which is reliable and secure. They have disaster management and recovery. That's a win-win situation.

My work is generally on device management, which is on Intune, Endpoint Manager, and Cloud App Security. These all work hand-in-hand. Azure Active Directory is just an assembler of management resources, but Intune makes the device secure. The policies create restrictions. These things work together. If you need Active Directory, you will definitely need Intune.

The largest deployment I worked on with one of my clients was about 2,500 computers. As far as managing them goes, it varies, between 200 to 300 computers at one time in one environment. If I'm working on providing a day-to-day solution, it is different because the queries are different. People usually have problems related to smaller queries, like their printer is not connecting, or they are not able to access SharePoint, or they do not have permissions for a given file. But as far as deployment and designing the architecture of Azure Active Directory goes, I work with midsize companies.

To summarize, the big advantages of this platform are the reliability, cost-effectiveness, and security. These are the features that make it one of the best solutions in the IT industry. Azure AD is the future. Everyone is adopting the cloud environment. I, myself, use Azure Active Directory for my own devices and resources. I encourage other people to accept the future. It gives you more security than the on-premises Active Directory. To me, it is the best solution.

View full review »
SH
Director of Infrastructure at a healthcare company with 1,001-5,000 employees

Microsoft Entra ID helps save money since you don't need a second MFA solution. I rate it a nine out of ten. 

View full review »
Andri Ottosson - PeerSpot reviewer
Network specialist at a wellness & fitness company with 501-1,000 employees

For those looking to implement Azure AD in their organization for the first time, it would be recommended to get rid of the legacy Active Directory right away and go straight to Azure AD instead of starting out hybrid and having to wind that down. If local Active Directory isn't needed, it's best to move all authentication over to the cloud and scrap the Active Directory domain controllers. The Entra portal is a huge benefit as it provides a consolidated view of everything and makes it easier to navigate security, users, conditional access, and identity protection.

Microsoft has been consolidating the view to provide a single pane of glass. It has been more and more down to that. They're now out with something called Entra. It's the Entra portal, and it has a very consolidated view of everything I need to do. Microsoft Entra is basically Endpoint Manager, Microsoft Defender, and Azure Active Directory pulled together for an easy view and ease of navigation. I've started to use Entra a little bit. It has only been out for a little while, but it was created to simplify finding everything. So, instead of navigating through the portal at Azure, I've started using Entra. I like it a lot. At first glance, it looks very intuitive, especially based on how I've been navigating until now. 

What Entra is doing is a huge benefit. If you're starting up today, it's much easier to get into security, users and conditional access, and identity protection. They've consolidated most of the important things there. You can navigate to everything from there, but they draw forth the most important ones in a more intuitive way. They've done that, and what they've done with Entra is what was missing.

Overall, I'd rate Azure Active Directory an eight out of ten. 

View full review »
JW
IT Consultant at a consultancy with 10,001+ employees

I would recommend this solution to others who are interested in using it. It is easy to use and it fits its purpose.

Because it is scalable and reliable, I would rate Microsoft Authenticator an eight out of ten.

View full review »
Mohamed El-Sherbini - PeerSpot reviewer
IT Manager at Mada Insurance

I would recommend this solution to potential users.

On a scale from one to ten, I would give Azure Active Directory a ten.

View full review »
SK
Manager, Technology Delivery at a educational organization with 11-50 employees

People have personal preferences in respect to choosing a cloud provider because there are many out there. In terms of support, you have to know exactly what you're looking for and get the pricing figured out. It is important to come up with a proper plan for the implementation.

I rate Azure Active Directory an eight out of ten.

View full review »
MR
Director of Cybersecurity Solutions at a computer software company with 501-1,000 employees

I would advise spending more time on planning and aligning your business processes with Active Directory and Azure in terms of custom schema and separating third-party accounts, external accounts, or customer's accounts from employee accounts. I've run into issues when people take an existing on-prem solution that has third-party entities or maybe external customers and start synchronizing it up. It is not a slam against the service, but that's where I start recommending people to do different instances of Azure Tenants to break that up a little bit and provide that separation. All of these are planning functions. Using this service can be deceptively easy, but you should spend more time on planning. Around 80% of it is planning, and the rest of it is the implementation.

I would rate Azure Active Directory an eight out of 10. It is super solid. I wouldn't say it's the best. I would love to have everything that you could do on-prem. I understand why it can't do that, but I would love that flexibility.

View full review »
SW
Senior Information Technology Manager at a manufacturing company with 10,001+ employees

Overall, I would give Microsoft Azure Active Directory Premium a rating of four out of ten. They could really benefit from some better user-training. 

View full review »
JP
Security Architect at a hospitality company with 10,001+ employees

I have spent seven years at Microsoft, so I have a tendency to like Microsoft solutions because I know them and the philosophy behind them. Till now, Azure AD is probably the best solution for identity and security.

I also use Okta. For integration with Microsoft solutions, Office 365 Azure is just right. However, for some scenarios, such as consolidations, Okta seems to have a few advantages as compared to Active Directory. Okta also has a very interesting price.

I would rate Microsoft Azure Active Directory Premium an eight out of ten.

View full review »
RJ
Database Manager at Wartsila India Ltd

Be aware that it may not work perfectly globally yet. There are still glitches with the solution in Africa.

View full review »
JL
Lead Systems Engineer at a non-profit with 1,001-5,000 employees

Microsoft Entra ID has helped us save money. It also helped us save 70 percent of the time. I rate it a nine out of ten. 

View full review »
Akin Ayodele - PeerSpot reviewer
General Manager at a tech services company with 11-50 employees

Regarding Entra, the expectation is that when it is deployed, the employee experience should be better. We haven't started exploiting all the features of Entra. It makes use of the core Active Directory: identity and access management, conditional access, et cetera. But we're not making use of all its features at the moment. We hope to implement them in the near future.

Overall, I'm satisfied.

View full review »
RS
Senior Technical Architect at a tech vendor with 10,001+ employees

I would definitely recommend using Azure AD. Many companies are moving from other vendors to Azure because every company uses Office 365 anyway for Word, Excel, and PowerPoint. As soon as you use that, by default, you get an Azure AD account. If you have an Azure AD account, you definitely have features to use. Why would you want to go for another product?

Overall, I haven't seen any major issues with the product.

View full review »
TB
Executive Director at a financial services firm with 1,001-5,000 employees

From an AAD standpoint, I don't think we've had any issues. The data replicates correctly and no one really has a problem with their credentials from AAD. It's meeting our expectations.

View full review »
AM
Cloud Architect at a hospitality company with 1-10 employees

I'm not a Microsoft partner. I work as a consultant.

I'm predominantly using the SaaS deployment version. 

My advice to potential users is on the security side. There was a famous article on Gartner which clearly stated that by the end of about 2023 or 2024 if someone tries to access your network or if anything becomes accessible or has been exposed, it is not the cloud provider that is the problem. It is due to a misconfiguration of the services.

It's not really with the user. It's really with how and what kind of access you provide to that user. For example, if I give someone an admin status, and they provide access to someone, they are providing not only basic access, they’re giving access privilege or admin rights. If they’re giving admin rights to the wrong person, even though they may have the best intentions, due to a lack of knowledge, that person may do something stupid and it may be a disaster to the company. That has nothing to do with the AD users themselves. You need to be aware of the security and the access that you're granting your users at all times.

I'd rate the solution at a nine out of ten.

View full review »
KO
Senior Support Engineer at a tech services company with 1,001-5,000 employees

In general, there has been improvement in the way the technology can be used by end-users. Their feedback has been taken into consideration and that has helped a great deal.

Azure AD has features that have been developed purely for the security of users. It has things like Conditional Access policies and MFA. But the nature of the support that I provide in Azure AD doesn't focus on security. While Azure AD gives a company a holistic way to manage user profiles, I don't usually work on security aspects. But I do know that, to a large extent, the solution is built using the latest security.

The provisioning service I support has authentication methods. There has been a push by Microsoft to move customers away from certain authentication mechanisms that are not very strong in terms of security, and to make sure that secure standards are being enforced. I have looked at integrations set up by customers where they have only done the basic minimum in terms of security. Microsoft had to push those customers towards a much more secure setup. So customers are getting better security.

Overall, the effect of the product on my customers' experience has been good. I generally come into the picture when customers are having an issue. Most customers I've interacted with don't understand some information or why the product is designed the way it is. When I explain that it has to be this way so that they can do what they need to do, the customer feedback comes in at about an eight out of 10.

View full review »
RL
Integration Manager at a healthcare company with 10,001+ employees

I'm an end-user of the product.

We're always on the latest version of the product. Being on the cloud ensures we are always up-to-date on versions. 

I'd rate the product at an eight out of ten.

View full review »
AO
Senior System Administrator at a financial services firm with 1,001-5,000 employees

It is a very good product. I plan to keep using it because it is very easy to manage.

If you use an application in Azure and you want single sign-on for Azure products, you should prefer using Azure AD. You should synchronize your on-premise Active Directory to Azure AD. We synchronized Active Directory with Azure AD for single sign-on. For example, if a worker wants to sign in on your computer with the same user ID and password, he or she can connect to Azure services. Azure AD provides support for this.

I would rate Azure Active Directory a nine out of 10. 

View full review »
NK
Senior IT Manager at Excelra

We will keep using Microsoft Authenticator as a secondary solution. We prefer Microsoft SMS Authenticator over Microsoft Authenticator. 

I would recommend this solution to others. I would rate Microsoft Authenticator a nine out of ten.

View full review »
JB
Works at Aura Advanced Tech

We are partners with Microsoft.

I would rate Azure Active Directory an eight out of ten.

View full review »
VS
Associate Technical Lead at SoftwareONE

I rate Azure Active Directory a ten.

View full review »
JO
Principle consultant at Active Data Consulting Services Pty Ltd

It is easy to use, straightforward, and in my language. It does exactly what is says, and does not pretend to be anything else.

View full review »
LC
Director of Application at a university with 501-1,000 employees

Microsoft Entra ID is very transparent and easy to access. It is easy to understand, but you shouldn't get lost in the updates. 

The product has helped our IT administrators save time. We will be onboarding the HR team soon. 

My company is loyal to Microsoft products because of its consistency and flexibility. 

I rate the product a ten out of ten. 

View full review »
NA
Chief Information Officer at a construction company with 10,001+ employees

We're planning to use conditional access to access controls, but we have not done so in the meantime.

The solution doesn't require much maintenance; we're talking about two or three people.

View full review »
AS
Senior System & Security Administrator at a legal firm with 51-200 employees

We're a partner.

I would recommend the solution to others. If they just read a bit about it and connect with Microsoft, they'll likely get some good advice as to how to use it. 

I'd rate it at a nine out of ten. 

View full review »
RH
Sr. System Engineer at PT Smartfren Telecom Tbk

I rate Azure Active Directory an eight of ten.

View full review »
PV
Microsoft Azure Engineer at a tech services company with 10,001+ employees

We are a Microsoft partner.

We use several versions of the product, including 2016 and 2019. For one customer, they're running 2008, which is the old version, and I just upgraded them to 2012. The domain controller is 2012 R2 and has the latest patches.

I'd advise new users to do an original design with an architect, and think about scaling up while considering services you will be adding in the future. It's important to plan the security tightly and do a neat design and consider services such as BitLocker and other resources that will be needed.

I'd rate the solution at an eight out of ten.

View full review »
GR
Cloud Admin at a tech services company with 10,001+ employees

In summary, this is a good product and it has been helpful for us, but without doing the proper research, I wouldn't recommend starting with Azure Active Directory. Migrating all of your user accounts and then your resources from different domains to an Azure Active Directory is a huge task. It means that you have set up to create everything from scratch, so without doing proper research, you may run into problems.

I would rate this solution an eight out of ten.

View full review »
PF
Vice President - Network and Infrastructure at NJA LLC

Our organizations has a few partnerships with Microsoft.

I don't know which version of the solution we're using. It's most likely the latest, due to the fact that it's a cloud deployment.

The only advice I have for other organizations considering the solution is this: just make sure that you have the right requirements. It's never a carbon copy. Every environment has different needs and requirements.

I'd rate the solution eight out of ten.

View full review »
PR
Software Engineer at a computer software company with 10,001+ employees

The suitability of this solution depends on the technology and the environment at the organization. Many companies are still transitioning to the cloud, leaving part or all of their data on-premises. Ultimately, it depends on the data that they have and their preference or requirements for keeping it on-premises. In some cases, people want to move only non-private data to the cloud. All of these things have to be considered before implementing Azure Active Directory.

I would rate this solution an eight out of ten.

View full review »
Anteneh Asnake - PeerSpot reviewer
Modern Data Center and Cloud Engineer II at IE Network Solutions PLC

I'd rate the solution a ten out of ten.

View full review »
SW
Senior Information Technology Manager at a manufacturing company with 10,001+ employees

We're just customers. We don't have a business relationship with the company.

While we use the on-premises model, we also have it synced for hybrid functionality.

With COVID especially, there have been a lot of changes in a lot of companies and a lot of rethinking of processes lately.

We're in the process of rolling out Office 356 internally. We've had really great feedback that people really like Teams, and we want to move more into that area. We had a roadmap meeting with Microsoft a few months ago. It was probably five months ago, four or five months ago.

Some of the more accessible types of items were on the roadmap for the first quarter of this year. However, Microsoft's working hard at listening to customers, especially through the COVID situation that changed a lot of work and priorities. The collaboration stuff has changed. They've been pushing a little bit more on getting some more integrations. We're not going to have that kind of clout where I am, however, where I used to work, we would have. We were the ones that were making sure the Exchange got upgraded and got to the developers.

I would rate the solution at a six out of ten. If the solution offered better transparency/clarity I might rate it higher.

View full review »
MO
Head of enterprise systems at Fidelity Bank Plc

In our current use case, there is nothing that is lacking. This is definitely a product that I can recommend for other users.

I would rate this solution an eight out of ten.

View full review »
DM
Solution architect at a insurance company with 5,001-10,000 employees

We're just a customer.

We're using the latest version of the solution.

I would recommend the solution for employees. It's a really great tool. However, we tried it also for consumers, for clients for B2B and B2C. For me, it isn't really a great production product. We researched Okta for that.

Overall, I'd rate the solution nine out of ten.

View full review »
KM
Senior Consultant - Owner with 1-10 employees

The biggest piece of advice is if you're planning for all applications that need authentication, and making sure that all applications that need authentication or that you're going against, that you're using the premium parts of Active Directory for, are compliant with the solution and not finding out afterwards.

View full review »
AN
Information Security Officer at a computer software company with 11-50 employees

Just follow the book.

View full review »
MR
Head of IT at a non-profit with 51-200 employees

I would advise getting some help from professionals to implement it. You have to implement it in a very planned way with a very detailed roadmap.

I would rate Microsoft Azure Active Directory Premium an eight out of ten. It is quite good, and we are quite pleased with this solution.

View full review »
JA
Chief Executive Officer at ZDAPT

I have not used this product to its full extent but from what I have used, I find that it works well.

My advice for anybody who is implementing AD Premium is to understand what it is that they're going to use and how they're going to manage identity. I suggest doing a lot more in terms of identity governance.

I would rate this solution a nine out of ten.

View full review »
HB
Lead System Engineer at a media company with 501-1,000 employees

If you want secure data and secure identities, go for Microsoft Azure AD.

View full review »
it_user623721 - PeerSpot reviewer
Consultant with 10,001+ employees

Last year Microsoft had said that the onsite Active Directory ,as we know it, is going to be deprecated. So that means group policy, that means security groups, the NTLM and all that  we've relied on for so long is going to come to an end with this modern management philosophy. That's why I did those group policy changes. From group policy, which is essentially the ability to control the operating environments of managed devices, rather than that, Microsoft wants only a mobile device management policy. So it's pretty much a HTTPS or SSL assertion to manage devices off the domain, and they will all come from Intune.

So, they're not going to be managed by a set of static policies. They're going to be set by a whole heap of compliances. Does that make more sense? It's not conforming. It's when you assert yourself, and us for a particular requirement from the domain. They check your requirements per request, which takes the load off the environment quite a bit. So they only validate you when you ask.

It's a lot easier to get an engineer to understand the Microsoft stack then some esoteric random "Joe." There's just are not enough people in the field.

You're better off creating a pilot tenant on your own. You can set up one that's free using one of their 30 day trials, and while you're doing that try and make it as realistic as you can to the environment you're coming from. Make sure that it is true in terms of network, commissuib and integration. If you're going to use a MDN for mobile device management, or you're going to use applications for the federated sign-ons. Try and get as much as you can in it. You've got 30 days and they're quite liberal with allowing you to trial it.

Most of the capabilities are there internally. You can't expose external DNS names or anything and use it as an external platform, but internally you can. So spin up a VM or something internally and do the same things you would. I'd dare say: test it and prove it. You've got to prove it to yourself before anybody. I wouldn't trust anything from a brochure or anything else. Your reputation's on the line. You're doing something important for someone else and you've got to verify it yourself and put it through the paces. Spend enough time doing proof of concepts and pilots.

View full review »
JS
Director General

I like it, I love it and it works fine.

View full review »
KR
Managing Director at KRsolns LTD

We haven't had to deal with any major recovery issues.

We have had Excel and Word files that were simply recoverable. We backup the server, but nothing more serious than that.

We are Microsoft centric solution providers.

We have very small clients, companies with 20 to 30 users of Excel, Word, and the internet. We deploy Microsoft 365 platforms, not much in the way of large software applications.

I would recommend this solution to others, and I am already promoting it. 

I am suggesting that all of my clients migrate from on-premise active directory to a Microsoft view because, with the current COVID, many of our users work from home. I just wanted to point out that almost all of our users work from home. They are currently working on the roaster. Half of the company works from home, while the other half works on-site. Having active and SharePoint, is really assisting them in working from home.

I would rate Azure Active Directory a nine out of ten.

View full review »
PB
Powershell IT Admin Cert at a tech services company with 10,001+ employees

It works really well, and I would rate it at nine on a scale from one to ten. You need good training, and Microsoft will provide that for free as part of their package.

View full review »
HakanCengiz - PeerSpot reviewer
IT Security Manager at a construction company with 1,001-5,000 employees

This is the best solution for authorization. I would rate it a nine out of 10.

View full review »
NASSER ALY - PeerSpot reviewer
Computer Chief Specialist Engineer at a university with 1,001-5,000 employees

I recommend this solution to others.

I rate Azure Active Directory a ten out of ten.

View full review »
AS
Sr. Cloud Engineer at a tech services company with 1,001-5,000 employees

My previous organization has a very close relationship with Microsoft.

I would advise users to go with Azure AD, if possible, and to try to avoid the B2C version at the moment, as quite a few good features are already in the preview. Once those preview features are done, you can go with the B2C version. 

I'd rate the solution at a nine out of ten.

View full review »
RF
IT Coordinator at Zignet

I rate Azure Active Directory a nine out of ten.

We had five people using the solution in my organization.

View full review »
FM
Service Architect at a computer software company with 10,001+ employees

I rate this solution eight out of 10. 

View full review »
SS
Technical Specialist

In terms of deployment, we are on a hybrid structure, where we are using an AD Connect to sync our on-prem users to Azure.

I'd rate the solution at a nine out of ten.

A lot of functions have been included as compared to the on-premises deployment. Compared with competitors such as AWS and Google Cloud, it is in a different league. For example, AWS also has good features, however, this is more simplified and it's a Microsoft product, so you can rely on it for the long term. 

View full review »
OK
Infrastructure and Cloud Principle Specialist at a tech services company with 1,001-5,000 employees

We have faced a few little problems in our customers' hybrid environments. Backing up the ADFS (Active Directory Federation Services) is very important, but some of our customers didn't do so and they lost their ADFS proxy servers. That is one of the important lessons I have learned. In those cases we had to reconfigure almost everything. It's simple to back up ADFS, so I would advise doing so.

But from the user's point of view, we've faced no problems. It works well.

View full review »
LB
IT Functional Analyst at a energy/utilities company with 1,001-5,000 employees

My advice to others is if they're going to move to the Azure Cloud Platform, this could be a highly valuable add-on, in order to take care of authentication matters in general. It's a very useful tool and not difficult to use.

I rate Azure Active Directory an eight out of ten.

View full review »
Mathew Clarke - PeerSpot reviewer
Presales at Quest Software

Don't delay implementing this solution, it's the best thing you can do for your identity protection. I would rate Authenticator as nine out of ten.

View full review »
AZ
Solutions Specialist at RV BYGGERI

I rate Intune nine out of 10. If the user is working with a Microsoft device or license, Intune is really powerful because it has a bundled license. Still, if we need to manage another system, Intune is too expensive. If the ecosystem is Microsoft, I recommend Intune because it's Microsoft's end-to-end solution. 

View full review »
MZ
Info Security Manager at a tech services company with 501-1,000 employees

I would rate this solution 8 out of 10.

The product is really good, but it's up to each company to decide.

View full review »
MF
Service Delivery Manager Cloud & Infrastructure Solutions at Nile

Whether or not I would recommend this solution, would depend on the users' needs. If their use cases fit what Microsoft provides, then I would recommend it. 

I would rate it an eight out of ten. The price plays a factor in the rating. Customers are not oriented with a cloud solution, they move forward very slowly towards the cloud, because maybe in my country big sectors, like the banking sectors, don't deal with the cloud. So customers see this and don't want to use the cloud either. They fear for their security and privacy. Although Microsoft assures that they protect their customer's data and privacy.

View full review »
EP
Senior Technical Consultant at The Instillery

I don't know if it's something that's going to be addressed in the future, or not, but having Azure AD the boundary of action for Active Directory as a region when you define the domain so you can't extend the domain to another region because it's a limitation that Azure AD has that doesn't allow you to extend the domain to another region for say geolocation purposes or disaster recovery.  If you have your Azure AD on the Sydney data center, you're not going to be able to extend that to say, Singapore. But, it is not highly unlikely, but it's a very rare occasion that you lose a region or a whole data center. It can happen, obviously, but it's very unusual. So the chances of that happens are very low. When we did the design for this customer that was one of the limitations that we mentioned, and they were happy with it because you know Microsoft is a respectable company and obviously they would do the best to keep their data centers running all the time. And, to keep the cloud infrastructure for their customers online all the time. So they accepted the limitation or the risk and  we went ahead and did it. But that's definitely something that I notice as a limitation to me.

In my opinion, you have a good look at your current infrastructure and make a decision on what is fit for the cloud, and what is not, because there are certain applications, or certain systems, that it will take longer time to migrate to the cloud. Normally, this is a good approach and is actually the Microsoft approach, as they recommend you to go hybrid first. First, you do a very good assessment and then you migrate your on-prem AD to Azure AD and the systems that support your operation will follow in time, if remediations are required, but it is a journey to work better and more efficiently.

View full review »
NB
Systems Administrator at a tech services company with 11-50 employees

Everything begins with the design of the domain structure. If it is well designed, then it is simple to adopt AD from scratch. I am not sure about migrations from other implementations of identity control, but if you are starting from scratch, it is very easy to use.

I would recommend this solution to others.

I rate Azure Active Directory a nine out of ten.

View full review »
MB
Systems and Networks Engineer at a insurance company with 1,001-5,000 employees

We are a Microsoft partner.

Overall, it's a very interesting product.

I'd rate it at a nine out of ten.

View full review »
ES
Senior Technical Consultant at a tech services company with 51-200 employees

When implementing for one client, where they had ADFS turned on, we could not ID enough ADFS and when there was no internet connection. This was a Catch-22 for us, and very frustrating. I would advise new users to use Azure over the ADFS.

View full review »
DA
Infrastructure Manager at a consumer goods company with 51-200 employees

Azure is the leading market solution because of its history, features, and maturity. I'd rate this solution seven out of ten.

View full review »
AD
Advisor at a tech services company with 201-500 employees

I would recommend Azure Active Directory to others. it is integrated with all Microsoft platforms. It has a lot of useful features that can help security IT administrators.

I rate Azure Active Directory a ten out of ten.

View full review »
MS
Vice President, Product Engineering at Logitix

We're using the latest version of the solution at this time.

In general, I would rate this solution at an eight out of ten.

If there were better integration capabilities between active directories, I would likely rate this product higher.

View full review »
CP
Vice President of Technology at Ecuity Edge

If you are familiar with Microsoft, this is the product to use.

I would rate Microsoft Azure Active Directory Premium an eight out of ten.

View full review »
AT
Cloud Consultant at a tech vendor with 11-50 employees

If you have connections with a PSP partner, it will be easy, I guess. If you're buying an Azure AD Premium independently, you won't have a helping hand from them. You'll have support  but, not much other than that. With a PSP partner, you will feel like that you can implement or you can quadrate.

Once Azure is developed, and fully established, it will be a perfect product. It is still in the development stage at present. 

View full review »
Buyer's Guide
Microsoft Entra ID
March 2024
Learn what your peers think about Microsoft Entra ID. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
765,234 professionals have used our research since 2012.