Microsoft Identity Manager Room for Improvement

SpprtEngine4657
Support Engineer – Solutions Architect at a tech services company with 11-50 employees
In terms of the identity and access management solution for an on-premise environment, I think Microsoft needs to eliminate or minimize the number of workloads for the solution to run in an on-premise environment. For example, you need more instances, more servers on-premise for the whole solution to completely function. You need ADFS servers, farms application proxies, a MIM server, SQL databases, and Cluster databases, which leads to more costs in running and maintaining the solution. I think Microsoft should minimize the number of instances in terms of hardware and software. In the next edition, I prefer that Microsoft would start looking at giving the solution the ability to integrate on-premise workloads, specifically Linux on-premise workloads, with the cloud-based identity and access management solution, which is Microsoft Azure Active Directory. Currently, the provided Microsoft identity and access management solution does not have the capability to integrate with a Linux or Unix environment and the cloud-based Azure Active Directory. View full review »
Venkatesh Ampolu
Principal Security Advisory Consultant and Delivery Lead at a tech services company with 1,001-5,000 employees
If we compare this Microsoft Identity Manager with Okta or OneLogin, both provide multiple connectors and box connectors. Whereas with Microsoft Identity Manager, there are limits. Instead of using the connectors from the third-party companies, they should make the Microsoft templates available with this product. If Microsoft would increase the number of the box connectors that would be helpful to all the customers who use it daily. Microsoft Identity Manager is good for using in production and increasing recruitment. View full review »
Jiju Gopinath
Vice President, IT Infrastructure & Information Security at KAMCO
They have to improve the User Entity and Behavioral Analysis. They have all of these features, scattered around in different components. For example, if a user logs into a computer, from that point the behavior is not completely monitored. Windows Defender is monitoring the action, but if you go into the website, the solution is not capable of understanding it. Therefore, in the case of a user browsing a malicious website, there is no way to identify it. There should be a way to create a profile for each and every employee. For example, if an employee is searching websites for a job then the organization should be able to identify that and recognize that he's going to leave the company soon. Or, if the user is trying to access a confidential document then that identity should be tagged as a malicious user. You should be able to create metrics or risk levels for a particular user. Generally, the security features need to be improved so that they do not have to rely on other solutions. Importantly, browser behavior should be integrated. Properties such as what department an employee is in, and what resources they access, as well as the relevant correlations, should all be determined and stored. View full review »
CTO9b3b
CTO at a music company with 10,001+ employees
This product was only launched two or three years ago, and it is still in the process of becoming stable. We have to make use of the current feature set before looking for new features. View full review »

Sign Up with Email