Active Directory Reviews

<a href='https://www.trustradius.com/static/about-trustradius-scoring#question3' target='_blank' rel='nofollow noopener noreferrer'>Customer Verified: Read more.</a>
72 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow noopener noreferrer'>trScore algorithm: Learn more.</a>
Score 8.6 out of 100

Do you work for this company? Manage this listing

Overall Rating

Reviewer's Company Size

Last Updated

By Topic

Industry

Department

Experience

Job Type

Role

Reviews (1-15 of 15)

John Fester | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Review Source
We are using Azure Active Directory (AAD) primarily for two things - access permissions in Exchange, SharePoint and other Office 365 services as well as locally in our network for domain/workstation access and logging. AAD opened the doors in many ways for us to enhance our organization and bring ourselves to modern times in terms of technology and what our users can do. Such as, our users had two or more sets of credentials (1 for Office 365, another for domain access and another for SharePoint). Combining our Exchange and SharePoint into Microsoft's hosted platforms and including AAD into our setup, we reduced the credentials down to just needing one set that is synced across my local AD & AAD. This has saved my IT support department many hours in helping users access services, reset passwords multiple times and has saved us time when setting up new users in just one place rather than several. With AAD it automatically sets the user up in the cloud and eliminates my need to set them up several times to have access to our services.
  • AAD is super easy to set up! One thing I was nervous about was deployment. However, after reading the setup instructions, I was pleased to find this a very simple process and well detailed in the instructions.
  • AAD works! It simply does it's job. I have not had to monitor it, troubleshoot it, nor reinstall or tinker with it in any way. Making changes is very quick and easy also allowing you to quickly modify how the sync occurs, whether one-direction from your server to Azure only, or bi-directional where it will sync both ways, or only from Azure to your local AD. You have the options and the control to make it work for your environment!
  • AAD has a ton of tools, logs, data that combined provides a great look into what your users are doing, how it is being done and if any error exist it will provide very useful information about it so that you can resolve the matter.
  • One limitation is the OS it must be installed on. We were using SBS '11 when we first deployed AAD, however it does not work for the sync to Azure on this OS. For this, we worked around it by first setting up a secondary local AD on a server that already had Server 2016 on it. Having these two server sync the local AD, we were able to install and configure the AAD sync on the Server 2016. It sync's perfectly and our environment works great being sync'd to AAD.
  • Depending on the licensing you have with Microsoft, you will find some features not available. We had to add a $4 license per user (called the Exchange F1 License) to have the ability to sync FROM Azure TO my local AD. This is key for users to be able to modify their passwords anywhere and it updates across your AAD & local AD. You will also have to add another type of license should you want more auditing features or security features.
  • It would be great to see Azure have a component in AD where you just enable the sync rather than needing to install the entire package to be able to sync.
If you manage a local AD and use Microsoft for mailboxes (Exchange), especially if it is hosted by Microsoft and not an on-premises setup, then this is a no-brainer and you should have Azure Active Directory! Even if you use just the free version of AAD, it adds management, reporting and auditing to your O365 which as an admin are very much required pieces of information. I suggest adding licenses for AAD that meets your needs for your organization, such as being able to sync your user information changes from AAD down to your AD and vise-versa, adding mobile security features or auditing, retention needs, etc.

If you have an on-premises Exchange and use a local AD, AAD is less useful for you and I'm not sure it would be recommended to use. While it could add some benefits you do not have already, this would be quite the task to undergo for such little solutions it would provide.

AAD is most useful for organizations that at least use Office 365 for Exchange hosting.
Read John Fester's full review
Jane Updegraff | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User
Review Source
My company uses Active Directory across the entire enterprise, which is probably the most common way that it's used. It's used to maintain a directory of users, groups, computers, service accounts and other resources, it is also used to authenticate those users and machines to the network, and to permit them access to network resources based on the individual user's or computer's permissions and group memberships. Active Directory acts as our primary resource management tool. It's where we store the identities of people and things that allow us to quickly create things like access control lists for data and network segments.
  • Azure Active Directory is very at maintaining user and computer data in a fully-replicated database.
  • Azure Active Directory is very good at notifying administrators whenever there is a problem with the AD database content or replication.
  • In my opinion, Azure Active Directory's dashboard pages are way too busy and difficult to navigate.
  • Azure Active Directory doesn't handle duplicate attributes in user accounts very well.
  • Azure Active Directory pesters the admin to buy additional features by cluttering up the GUI with "suggestions" that you can't remove from the dashboard.
Azure AD is actually required for Office 365 to work, so obviously you won't have a choice about whether or not it is well-suited unless you want to skip Office 365 completely. But it's actually a good standalone AD solution for when you don't want to own any infrastructure at all. That's because AAD is hosted by Microsoft in their commercial cloud, Azure. You could hypothetically build all a full corporate directory against which to authenticate without having to own a single server.

I would not advise using AAD as your network directory as a standalone solution, however. You would need to have at least one on-premise AD domain controller with a full copy of the directory, at all times. This is required because Azure Active Directory operates in the cloud, meaning it is reached by way of the internet. If any site were to become disconnected from the internet for any reason, and if there is NOT a local copy of the directory on a domain controller that the users and computers can reach from their devices, no one would be able to authenticate to any resources until connectivity is restored.
Read Jane Updegraff's full review
Hernán Paggi | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Review Source
In our company, we use Azure AD as a hybrid with Active Directory Federation Services. In this way, we can maintain a coherent structure of all the local users of the company as well as all our remote users. We do it this way since all our office platform is mounted on Office 365. The entire Azure and AD platform is managed by our IT Department.
  • Centralized administration of users through different locations.
  • Comprehensive OU management through a single interface.
  • Immediate availability of our forest throughout the company.
  • Microsoft integrated security throughout the deployment.
  • In our case, it requires an AD FS structure which requires extra maintenance.
  • The synchronization sometimes takes too long.
  • We would like to use Azure AD Premium, but its costs are very high.
It is appropriate in most cases. As I mentioned earlier, it allows us to have global availability of our AD, while allowing to centralize all operations within the IT department. We can manage users, printers, and GPOs in the cloud easily. For cases where the implementations are wide, I think it is a fundamental requirement. I could say that maybe it is not appropriate for small organizations, but even for those cases, I think it also applies, since it eliminates infrastructure costs and allows you to keep everything in the Microsoft cloud. There are no cases that do not involve analysis or use.
Read Hernán Paggi's full review
Jonathan Ayers | TrustRadius Reviewer
November 06, 2019

Great web-based product

Score 8 out of 10
Vetted Review
Verified User
Review Source
We use Azure AD primary to administer users across the GE enterprise, in particular with Microsoft software licensing and e-mail account administration. This software administers countless users across all divisions of General Electric around the globe. Azure AD provides a lightweight, web-based interface that allows for easy, on-the-fly administration of users from anywhere with internet access.
  • Lightweight web interface.
  • Easy to use, point and click interface.
  • It provides for the administration of users across the enterprise from anywhere with an internet connection.
  • At times the interface can be less than intuitive.
  • Failure of connection can lead to questions as to whether a change was actually processed.
  • Sometimes the screen layout can be confusing.
I believe Azure AD is appropriate in any enterprise environment, however, it is especially well-suited in large environments with many different administrators needing the ability to make changes. It would be less suited in a smaller environment where RSAT tools (such as the AD plug-in) could be used to administer the network.
Read Jonathan Ayers's full review
Brandon Macapelit, CISA | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Review Source
Azure Active Directory is used within our whole organization. It is used as our identity and access management tool to manage authentication within our corporate network and internal tools. With the help of this tool, employees within the organization would no longer need to memorize many credentials to different systems. Without a centralized authentication system in an environment with many IT tools, employees tend to find it tedious to memorize multiple credentials, and it would lead them to just write down, on a piece of paper or notepad, their multiple credentials which would raise the risks of compromised access. This problem has been effectively addressed by Azure Active Directory.
  • It's easy to implement policies within Active Directory.
  • Clustering users is easily achieved by establishing Organizational Units.
  • It can be used to authenticate users' credentials, even in other cloud platforms.
  • We have not encountered any problems with Azure Active Directory.
Azure Active Directory is well suited for organizations that have a large number of users/employees in different geographic locations and lots of internal tools, be it hosted locally or in the cloud, as it will make it easier for the organization to do and effective Identity and Access Management. For small companies, this might be expensive.
Read Brandon Macapelit, CISA's full review
Derek Benson | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User
Review Source
Azure Active Directory has been implemented organizationally, but is managed by the systems team following a migration of assets to Office365. We are also in process of implementing virtual machines in the Azure space in addition to a site to site VPN back to our HQ for potential DR opportunity. It has so far been easy to manage, sometimes with some assistance from consultants.
  • Organization of items/technology buckets.
  • Streamlined implementation.
  • Licensing is straightforward.
  • Some areas are still a little convoluted and require some research or MS/consultant engagement.
It is a good product for anyone looking for a cloud-based solution to manage company users and assets.
Read Derek Benson's full review
Abhay Das | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Review Source
It was easy integration, Migration and implementation end to end project as its seamless and easy. In fact the virtualization engineering become so easy with easy policy management and Azure AD set up. It is highly recommended for any size company/organizations.
  • Citrix Virtualization - Policy management for both on prem - on cloud
  • Access Control management- with other 3rd party tools is easy and you see very less error. It works great when you thin of MFA etc
  • Cloud Computing- Azure has made the access control seamless with Azure AD - a must have product
  • Integration with VM
  • Integration and policy management for Printers and other 3rd party apps
  • more collaboration with new tools and PAAS platform
Virtualization with VMWare or Citrix
Device Mangement
MFA
Access control management
Security and most importantly ; Trust
Read Abhay Das's full review
Anonymous | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Review Source
We use Azure Active Directory to assign roles for integrated cloud-based applications and virtual machine in Azure Active Directory. We also sync some identity and group data from our on-premise AD instance for cloud workloads. It allows us to reuse the same identities in the cloud as we have on-prem and entitle them to appropriate resources.
  • Azure Active Directory is a cloud-based directory service that can be utilized for all kinds of identity authorizations.
  • Azure Active Directory creates a domain for your users, and Azure-based VM's that is similar to the well understood on-prem AD we all know and love.
  • Azure Active Directory is an excellent way to bring identities from different organizations together in a cloud environment for all types of cross- org collaborations.
  • More API's and API functionality is always welcomed.
  • Expansion into other cloud federation use cases and IDP possibilities.
  • Ability to detect identity compromises with high accuracy and low false positives.
Azure Active Directory is a reliable tool for creating directories of users & roles for all sorts of authorization and authentication scenarios in the cloud. It is highly scalable and can handle the largest user bases possible. The tool had Identity protection and security built-in and as upgrades that can help with identity threat hunting and compromise.
Read this authenticated review
Anonymous | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Review Source
We use Azure AD to help with our single sign-on for Office 365 and there are plans to extend the use to cover our new BI solution, as well as a new ERP system (both are still work in progress, so cannot really comment on now). So far, once you overcome the issues with the sync, AAD is a great product with a really good integration with other Microsoft products.
  • Sync my local AD users to the cloud, providing seamless integration with O365 and potentially other MS products.
  • It is highly configurable and secure.
  • A small, but important issue that it addresses is it allows us to upload photos of the end-users. This is a great help in a dynamic environment.
  • The AAD sync software does crash, so it needs constant monitoring.
  • The sync interval is not easy to change and manual sync is needed occasionally.
  • The web interface can be a bit confusing to a new administrator, however, once you get used to it, it is ok.
It is great if you are deeply invested in the Microsoft ecosystem. It works even better if you use any of Microsoft's SAAS propositions. Integration with on-premise systems is great and functionality is unparalleled.
If you use limited Microsoft products, maybe a bit of an overkill, however, it is a must-have with O365 and other products.
Read this authenticated review
Anonymous | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Review Source
Azure Active Directory is used mainly because of our Office 365 implementation. But as we also have EMS E3 we are also using a couple of the P1 features. We are a multinational organization and are using one tenant. This has some issues but most are solvable. Having a cloud identity available can create new opportunities.
  • Within the Azure world, there are many services available that make use of your cloud identity.
  • If you have Azure AD P1 or P2 you can protect your Azure AD Identity even further.
  • It is still not really useable to have 1 tenant with multiple, more or less independent, entities. We could use that and there are things coming, but not there yet.
  • If you are used to an on-prem active directory, there are some gotchas and things you must know that are different in Azure AD. Nothing major.
If you want Office 365, you get Azure Active Directory. And if you want to protect that you seriously should consider Azure AD P1 or even P2 plans. We don't user P2 yet, but that is more or less the pinnacle for your protection needs. The Azure Application Proxy is a good place to publish your on-prem applications.
Read this authenticated review
Anonymous | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Review Source
Azure Active Directory is used to manage all of the Windows accounts with our company.
  • It's very easy to create and manage accounts. Takes no time at all to edit or even create new accounts.
  • It would be nice if more things could be managed from azure in a hybrid environment like resetting passwords from the cloud.
It's great for companies with more than a dozen users. It's a quick and easy way to manage the Windows accounts within the organization.
Read this authenticated review
Patrick Plaisance | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Reseller
Review Source
We use Azure Active Directory organization-wide both internally, and at the vast majority of our clients. Azure AD is used to both complement, and in some situations, replace entirely on-premise Active Directory. It is used for user authentication, both for Microsoft cloud services (Office 365) as well as the Identity Provider for SSO for various other services. Itis the glue that holds together device management via InTune. For clients with on-premise AD, Azure AD Connect keeps Azure AD & on-premise AD in sync, so users only have one password to remember, one multifactor authentication service will work across multiple on-premise and cloud services, and onboarding/offboarding by IT staff is greatly simplified by having just one "account" to control access to.
  • Sync with on-premise AD via Azure AD Connect app. When it first started out as DirSync, it had major issues with conflicts, but now Connect is reliable, simple to implement and keeps getting new features like.
  • SSO implementation with 3rd party cloud services is excellent. MS even has step by step guides to popular apps/services!
  • InTune integration with Azure AD/Hybrid Azure AD brings domain devices and BYOD devices together under one device management pane of glass.
  • Azure portal is extremely complex and many things are in areas you wouldn't expect them.
  • Hybrid Azure AD is very confusing to setup and offers very little troubleshooting data to go on.
  • I've found that sometimes on-premise AD passwords stop syncing via Azure AD Connect with no errors but a quick script for a full hash password sync clears it up.
If an organization is using Office 365 for email, collaboration, etc, there is no reason NOT to use AzureAD (they already are, to be precise). With appropriate Azure AD licenses, they can leverage those accounts to setup Single Sign-on with any other cloud providers they might be using. Additionally, if they have an on-premise active directory, they can sync those accounts with their Azure AD accounts, and potentially have one login for their on-premise computers, Office 365, and cloud services, protected with multifactor authentication. If an organization lives in the Google ecosystem, Azure AD most likely is not a good fit as Google can provide similar functionality via GSuite (although in my experience, much less robust).
Read Patrick Plaisance's full review
Roberto Etcheverry | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Review Source
We use Azure Active Directory to bring our Active Directory to the cloud. That enables us to use a Single Sign On strategy with Office365 and other products, avoiding multiple users/passwords for different services.
  • Synchronization between on premises AD and Azure AD.
  • Ease of management thru its web interface.
  • Problems when allowing users to change their password using the web interface.
  • Sometimes it's hard to configure the synchronization between the on premises AD and Azure.
If you have a cloud-based infrastructure, for example, Office365, you might want to use your already existing AD infrastructure. Azure AD helps with that and brings AD to the cloud, where you can use it for identity management in a variety of applications. You keep managing your users with your established workflows, but add the cloud to that.
Read Roberto Etcheverry's full review
Anonymous | TrustRadius Reviewer
May 24, 2019

Microsoft Azure

Score 10 out of 10
Vetted Review
Verified User
Review Source
Azure Active Directory helps us to secure our organization’s resources. We purchased a stand-alone application and integrated with Office 365 and another tool from Microsoft. Also, we use a cloud-based solution from Microsoft that is integrating well with Azure Active Directory. With this solution, we manage our user group and have implemented single sign-on authentication and Multi-Factor Authentication.
  • Integration with other tools, especially from Microsoft.
  • MFA Authentication works very well.
  • Usage reports are very intuitive.
  • The solution is the best identity management that we have used ever.
  • Sometimes the solution runs slowly.
  • Documentation can be more complete.
  • The rich functionality assumes some complexity of implementation -- but that is not necessarily bad.
We recommend, with trust, Azure Active Directory. A mature solution to manage users and grant access to company resources. Very good integrations and easy management. Easy to update and migrate. Single sign-on, modern authentication, and Multi-Factor Authentication are must-haves that all small and big companies should implement.
Read this authenticated review
Anonymous | TrustRadius Reviewer
Score 7 out of 10
Vetted Review
Verified User
Review Source
Azure Active Directory is being used in our organization as a centralized place to grant access to both our Office 365 cloud resources and our on-site computer login resources. We use it to create new user profiles, reset passwords, monitor and audit sign-ins, control user settings and permissions, and create groups.
  • Creating new users, new guest users, and assigning licenses is simple and quick.
  • Auditing user activity is powerful and user-friendly. The only downside is that the log reporting tool only goes back 30 days.
  • Azure AD Connect allows for fast and simple syncing. It also monitors the sync status and will alert you if there an issue with the sync.
  • The pricing is competitive and nonprofit discounts are available.
  • Configuring Multi-Factor Authentication is confusing and not streamlined. Microsoft even says, "There are many ways of deploying MFA with Azure AD." I wish they would simplify the process, as it requires a lot of time and research to use MFA properly.
  • There are too many user and administration roles. Instead of 20+ role options, I wish Azure AD would reduce it to the five most common and allow the creation of custom roles, as needed.
Azure Active Directory is well suited for organizations that use Office 365 and/or a Windows server Active Directory because the syncing and integration is strong between the different Microsoft products. If your organization is not already using Microsoft, then Azure Active Directory may be too complicated for most start-ups or small businesses.
Read this authenticated review

Active Directory Scorecard Summary

Feature Scorecard Summary

ID-Management Access Control (14)
9.4
ID Management Single-Sign On (SSO) (14)
9.1
Multi-Factor Authentication (13)
9.0
Password Management (14)
9.0
Account Provisioning and De-provisioning (14)
9.4
ID Management Workflow Automation (11)
8.6
ID Risk Management (11)
8.5

About Active Directory

Microsoft Azure Active Directory (Azure AD) is a cloud-based identity and access management (IAM) solution supporting restricted access to applications with Azure Multi-Factor Authentication (MFA) built-in, single sign-on (SSO), B2B collaboration controls, self-service password, and integration with Microsoft productivity and cloud storage (Office 365, OneDrive, etc) as well as 3rd party services.

Active Directory Technical Details

Operating Systems: Unspecified
Mobile Application:No