Azure Active Directory

Azure Active Directory

Top Rated
About TrustRadius Scoring
Score 8.9 out of 100
Top Rated
Microsoft Azure Active Directory

Overview

Recent Reviews

Easy management of robust tools

10 out of 10
July 13, 2021
We are using it across the organization for authentication and access authorization purposes. It is central to our domain access. It helps …
Continue reading

Awards

Products that are considered exceptional by their customers based on a variety of criteria win TrustRadius awards. Learn more about the types of TrustRadius awards to make the best purchase decision. More about TrustRadius Awards

Popular Features

View all 7 features

ID Management Single-Sign On (SSO) (45)

9.4
94%

ID-Management Access Control (45)

9.1
91%

Multi-Factor Authentication (44)

9.0
90%

Password Management (44)

8.6
86%

Reviewer Pros & Cons

View all pros & cons

Video Reviews

Leaving a video review helps other professionals like you evaluate products. Be the first one in your network to record a review of Azure Active Directory, and make your voice heard!

Pricing

View all pricing

Premium P1

$6.00

Cloud
per user/per month

Premium P2

$9.00

Cloud
per user/per month

Entry-level set up fee?

  • No setup fee

Offerings

  • Free Trial
  • Free/Freemium Version
  • Premium Consulting / Integration Services

Features Scorecard

Identity Management

8.9
89%

Product Details

What is Azure Active Directory?

Microsoft Azure Active Directory (Azure AD) is a cloud-based identity and access management (IAM) solution supporting restricted access to applications with Azure Multi-Factor Authentication (MFA) built-in, single sign-on (SSO), B2B collaboration controls, self-service password, and integration with Microsoft productivity and cloud storage (Office 365, OneDrive, etc) as well as 3rd party services.

Azure Active Directory Video

Authentication fundamentals: The basics | Azure Active Directory

Azure Active Directory Technical Details

Deployment TypesSaaS
Operating SystemsUnspecified
Mobile ApplicationNo

Comparisons

View all alternatives

Frequently Asked Questions

What is Azure Active Directory?

Microsoft Azure Active Directory (Azure AD) is a cloud-based identity and access management (IAM) solution supporting restricted access to applications with Azure Multi-Factor Authentication (MFA) built-in, single sign-on (SSO), B2B collaboration controls, self-service password, and integration with Microsoft productivity and cloud storage (Office 365, OneDrive, etc) as well as 3rd party services.

What is Azure Active Directory's best feature?

Reviewers rate ID Management Single-Sign On (SSO) highest, with a score of 9.4.

Who uses Azure Active Directory?

The most common users of Azure Active Directory are from Mid-sized Companies (51-1,000 employees) and the Information Technology & Services industry.

Reviews and Ratings

 (267)

Ratings

Reviews

(1-25 of 46)
Companies can't remove reviews or game the system. Here's why
Score 9 out of 10
Vetted Review
Verified User
Review Source
An active directory is like the number one must-have software that any organization should have if they are using windows based operating system. With windows operating system, Azure active directory is "the" go to software that any organization should invest in. Azure active directory comes from their original on premise active directory software so the program has years of experience on the field. I started using windows active directory back in 2003 and when azure active directory service came on it was a no brainer decision to migrate from on-premise solution to cloud. The product primarily address user authentication, file sharing, Document management (Share point) Office tools access like MS suite etc. We cannot work without an active directory in this day and age where hybrid and remote work is the preferred solution. The software also tightly integrates with almost all business ERP solutions like SAP, Oracle MS Sql etc. So you don’t need to maintain a third party tool for access control to these software’s. They also work with your exchange services so that it makes our onboarding of new users a breeze.
  • integrates with third-party authentication tools like OKTA and ping. This brings MFA functionality to your organization. The integration is quite simple to do.
  • This can be used to control access to your networking devices like your on-premise routers and switches if needed.
  • The access control policies are very vast. So you can set each department in your organization to each access control policy and their access to resources will be controlled.
  • Documentation - Microsoft really needs to work on their documentation when it comes to doing more complicated tasks like working with API. The official documentation often gets us confused as to how to do certain tasks. We sometimes ended up spending hours trying to figure out how certain tasks are completed.
  • No jammed down version - This is the go-to tool if you are invested in a lot of cloud-based solutions and if you have a lot of resources that need authentication. But for smaller organizations, Microsoft needs to bring packages with smaller features for SMBs with lower rates so that SMBs can come on board.
If you are opening a shop and you need software to get the ball rolling compared to Google. Microsoft is the go-to vendor in my opinion. You can get your active directory services, mail, and collaboration tools like teams and offices from one vendor. Anyone with minimal knowledge of IT can actually configure all of these services to get you up to speed. The product is very versatile so in the future if you would like to have cloud servers and services this product have you covered. As your organization grows you can easily integrate the best MFA solutions with Azure AD to keep your organization safe. This is not the product that you should invest in if your organization does not have that many windows devices. For instance, if your company owns Macs other than products like MS Office, Share Point, etc you don't need to get Azure active directory.
Score 9 out of 10
Vetted Review
Verified User
Review Source
Microsoft Azure Active Directory is the key component of our identity, authentication, and authorization strategy. It is fully integrated with our HR platform for onboarding and separation and enables Single-sign-on, muti-factor-authentication, and a host of other basic and advanced identity-related services. Using all that Microsoft has to offer in this space simplifies our environment and makes additional third-party products specifically targeting identity management unnecessary.
  • Basic user management with full metadata
  • Single Sign On
  • Multi factor authentication
  • Some of the most desirable advanced features are seemingly only available in bundles
  • licensing is confusing
  • The speed of evolution has made this a good suite of services, but it is exhausting to keep up with the rate of change.
Any organization with a Windows or Office footprint should at least consider Microsoft Azure Active Directory as the source of truth for user information, and the key component of their identity strategy. For organizations less reliant on Microsoft there may be better alternatives.
Score 8 out of 10
Vetted Review
Verified User
Review Source
We purchased the Office 365 A5 suite about three years ago. We use Microsoft Azure Active Directory across our entire district for 30,000+ users. This is what we use to help manage our users.
  • We departmentalize our users by schools
  • We departmentatize our users by departments
  • We use this to keep up with what rights we allow specific users
  • We have been active directory users for many years and do appreciate the ease of functionality
  • We use FinPlus as our financial system to manage our employees but we have to manually move employees in AD
Giving or taking away rights by user is very easy to do through Microsoft Azure Active Directory, especially when a specific user needs access to something they would not normally need. Access is very easy to give and take away through AD. It can be clunky sometimes when working with groups in these same scenarios.
Score 8 out of 10
Vetted Review
Verified User
Review Source
Across the whole organization - globally in US, Asia and Europe
  • SSO authentication for multiple applications
  • Data access policies
  • Built in replication and redundancy across Domain Controllers
  • MFA capabilities can be further improved
  • License costs are high
  • Implementation time is long with limited integrator expertise available
  • Support from Microsoft technical team
SSO Authentication and Access rights management - Enterprises with a predominant MS Landscape should invest in MS Active Directory. Others have to be cautious as many tools available in the market that are stronger. Adaptive authentication is an improvement area. Organizations requiring strong MFA capabilities should be cautious and consider further exploring the platform before committing or investing.
A self-service portal for end-users is an important improvement. An enterprise that requires self-service capabilities to be cautious
Score 10 out of 10
Vetted Review
Verified User
Review Source
Our Microsoft Azure Active Directory helps us manage all of our users including their metadata. It is used across all of our organization, helping us manage and maintain our departments employees and machines. Essentially, we use it as a central management tool that connects all our software and tools with our users and machines database.
  • Managing users
  • Managing machines
  • Security groups
  • Customization (user defined fields)
  • A better UI
  • Better online integration
I can’t find any other tools that could replace Microsoft Azure Active Directory in my organization. They
way AD is built, it’s simple and allows us to accomplish what we need in a very simple and efficient way.
Managing users and machines are simply way easier with Microsoft Azure Active Directory.
Gordon Lo | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Review Source
[Microsoft] Azure Active Directory is currently used to replicate our on premise Active Directory. We use this across the organization to enable single sign-on to other Microsoft services including office 365, and our home grown web applications.
  • Easy management of groups and user assignments
  • Integration with web applications using oauth
  • Easily extends existing on premise AD
  • The UI can be cumbersome to use - bulk edits for instance are best handled using powershell.
  • Documentation can be hard to find when integrating AD into web apps
  • Some settings in AD can be confusing with no obvious explanation - for instance, setting up custom scopes for an application is confusing.
Microsoft Azure Active Directory is the gold standard for user management in the industry. It's one of the things that Microsoft does very well as far as adding a fully featured user management capability into one place. It supports oauth for web applications and is easily integrated into custom .net web apps. It also easily manages all the users and hooks directly into other Microsoft services.
Score 9 out of 10
Vetted Review
Verified User
Review Source
We use Azure Active Directory heavily as it's essential in our Cloud environment (Azure and Office 365) and also our main Identity Management solution to provide seamless authentication with multiple vendors and systems.
  • Identity and Access Management system
  • Directory Service
  • Security Management
  • Integration with 3rd party services
  • More in-depth directory services
If you use Active Directory on-premises and have any workloads in Microsoft Azure, Azure Active Directory is a no-brainer and a must and also saves you investing in a third-party IAM solution.
Score 10 out of 10
Vetted Review
Verified User
Review Source
We are using it across the organization for authentication and access authorization purposes. It is central to our domain access. It helps us efficiently onboard and term employees. Our IT department manages all users and their access through this platform.
  • Manages credentials
  • Provides access to our domain
  • Allows central management of users
  • [Needs] more security controls
  • Access to metadata
Any organization looking to centrally manage users, their credentials and access would do well to use Microsoft Azure Active Directory. It makes it easy to onboard employees, assign them certain rights, enforce policies and requires strong passwords, among other things. It also ties well into multi-factor or two-factor authentication.
Chirag Deol | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Review Source
We are using Microsoft Azure Active Directory for managing our remote users for single-sign-on login from everywhere. We have integrated Microsoft Azure Active Directory with our on-premises active directory so that we don't need to configure everything from scratch. It provides us high availability with easy-to-configure options.
  • Easy to configure
  • High availability
  • Easy to synchronize with on-premises AD
  • Pay as you go options
  • Third-party tools need to be integrated easily
Microsoft Azure Active Directory is well suited for medium- and large-scale infrastructure to manage their users and single-sign-on options. It provides high-security features and easy synchronization with high availability. It also makes managing the policies over remote network easy.
Score 9 out of 10
Vetted Review
Verified User
Review Source
We use Microsoft Azure Active Directory (Azure AD) both as an internal directory and single sign-on solution for the entire organization, as well as part of our cloud offering where we leverage the capabilities of Microsoft Azure Active Directory and provide additional authentication mechanisms for our business customers.
  • Multi-factor authentication
  • Conditional access
  • Supported by and integrates with other Microsoft products
  • Complexity, especially for users not familiar with the "Microsoft way" of doing things
  • Great for enterprises but a lot of overhead for smaller businesses
If you are primarily a Microsoft shop, using Office 365, Azure, Windows, etc... then using Microsoft Azure Active Directory would be a natural choice, in fact I would say choosing anything else in this scenario would not make any sense. It has a bit of a learning curve especially if you are new coming into the Microsoft ecosystem, mostly due to its breadth and depth, but once you get a hang of it, Microsoft Azure Active Directory is a very solid identity management solution.
Score 9 out of 10
Vetted Review
Verified User
Review Source
We use it for centralized user management, for SSO to Microsoft and non-Microsoft applications, and for computer management via GPOs. It's used enterprise-wide. It saves users remembering many different passwords, and streamlines the creation, provisioning, and termination of user accounts. By centralizing passwords, users can use a stronger password, improving system security across all the SSO-enabled applications.
  • Creates user and machine accounts.
  • Integrates with application software for SSO.
  • Secures our user directory with stronger measures & faster patching than we might do in-house.
  • Integration with Mac OS isn't as smooth as with Windows clients.
  • Logging can be too verbose.
  • Integration with software from certain publishers isn't very easy, but that may not me AD's fault.
For organizations without a strong information security team, that task is delegated to really capable staff (i.e., Microsoft). For organizations with many off-the-shelf and/or hosted applications, centralizing user management through SSO at Azure AD save an enormous amount of work. For organizations with a pure Windows environment, it would be amazing; for shops with heterogenous environments, it takes some more effort to implement.
Score 9 out of 10
Vetted Review
Verified User
Review Source
We currently use Microsoft Azure Active Directory in a hybrid mode with on premise Active Directory. We are beginning to use Microsoft Azure Active Directory more and more, utilising SSO, Conditional Access, MFA, Intune and other features.
  • We find that the MFA feature, combined with the Microsoft Authenticator app, works really well
  • Leveraging SSO to control access to a growing array of apps
  • Just getting started with Intune but it looks very promising
  • Inability to nest groups
  • Conditional Access could do with more granularity
Using a local Active Directory for years, we have accumulated a lot of groups and nesting of those groups is inevitable. This doesn't translate well into Azure Active Directory's flat structure.
Score 7 out of 10
Vetted Review
Verified User
Review Source
Azure Active Directory is used to manage all of the Windows accounts with our company.
  • It's very easy to create and manage accounts. Takes no time at all to edit or even create new accounts.
  • It would be nice if more things could be managed from azure in a hybrid environment like resetting passwords from the cloud.
It's great for companies with more than a dozen users. It's a quick and easy way to manage the Windows accounts within the organization.
Their Support team is fairly responsive and knowledgeable,
Score 10 out of 10
Vetted Review
Verified User
Review Source
Azure Active Directory is being used across the entire organization. Azure AD allows us to manage access/permissions for various applications, resources, etc.
  • UI - The user interface for configuring items within Azure AD is great.
  • CLI - Interacting with the Azure CLI for Azure AD is the same great well documented experience as other interactions with the Azure CLI. Functionality is solid, documentation is great to explain different use cases with the CLI, and overall the ease of use is fantastic.
  • Configuration Documentation: There's evidently been changes to Azure AD improving the platform but in making these changes it's incredibly difficult to find solid step by step instructions to implement Azure AD for given SaaS apps for example. This isn't necessarily Microsoft's fault, as documentation drift happens everywhere, but even within Microsoft's own documentation there are discrepancies. It makes setting up AAD on an application potentially more difficult than it needs to be.
  • Multi Account Difficulties: If you have multiple accounts tied to AAD (like a school account and a work account for example) it's incredibly difficult to sign in on both. Heaven help you if you forget to open a private browsing tab to sign in to the different account. You'll spend a non-zero amount of time trying to sign back in to your other account.
The entire experience of using a full suite of Azure products has been a great one. Everything is well integrated. CLI access is feature full and often times well documented. Additionally, leveraging azure in other areas means pretty seamless integration experiences across the board. Overall, very pleased with the AAD experience.
Score 10 out of 10
Vetted Review
Reseller
Review Source
We are service provider and an ISV, we build and customize software and deliver IT Solutions to our customers, we needed an identity and access management solution that is widely compatible with our application infrastructure as well as allows us to integrate content across tenants, we also wanted a unified and simplified IAM experience for our internal users, our customers and contractors.

AzureAD was definately the optimial option, it allowed us to unify our IT administration experience through tightly integrated capabilities, and simplified synchronization of objects from On-Premises Active Directory, additionally, most of our online services for internal users are on Microsoft 365, in such scenarios, AzureAD is absolutly the best choice for our organization.

It scaled nicely as the company grows, and offers RBAC, Conditional Access and Privileged Identity Management, it also supports most of the common authentication scenarios and protocols that we require in our business, we are very much satisfied with how AzureAD works and it is definately a reliable and flexible IAM solution.
  • Conditional Access in AzureAD is great and works very well
  • Integration with Intune, Microsoft 365 and other Microsoft Cloud Services is unmatching
  • Simple user management from the Portal
  • Sign-ins behavioral monitoring and user risk detection is a top security need
  • Many features are added every now and then and its relatively easy to enable them organization-wide
  • The Multi-Factor Authentication Portal still uses the old Azure Interface that is over 7 years old, it's exceedingly difficult to manage MFA enablement for substantial number of users
  • Some limitations in the portal such as user retrieval is limited, making selecting multiple objects difficult
  • The AzureAD Sync client is particularly useful but requires advanced technical skills to troubleshoot if anything goes wrong
  • Certain security features which I believe are considered essential are only part of the Premium 2 license, such as Risk Detection and Investigation, Microsoft should try to make Plans more tailored into other features (For example limit on objects, app registration, branding, and make security features an essential part of any AzureAD Plan.
AzureAD is a very reliable and quick to setup service, If you have:
  1. Active Directory as your on-premises domain service
  2. Plan to use a cloud-based productivity service such as Microsoft 365
  3. Have any Azure-resources
  4. Use Microsoft Teams
  5. Need to have a familiar interface with familiar tools and extensive documentation
  6. Want to reduce the number of IAM Solutions you are using
Then AzureAD is definately your choice, it supports all the above and is very flexible and relatively simple to get up to speed quickly

However, if you plan to use cloud services from other providers such as Google, then you might consider other options or preferrably use Google Cloud Directory for that matter, AzureAD is tailored for businesses who have capitialized many of their IT Investments in the Microsoft Ecosystem and therefore, serves them the most.
Score 10 out of 10
Vetted Review
Verified User
Review Source
Azure Active Directory is being used across the whole organization as our employee single sign on solution. Our department also uses a separate subscription for managing our own services. We mainly use AD groups to manage user access to different services. It's very easy to use and do user onboarding.
  • Azure AD groups can be used to represent different user roles.
  • 2FA authentication makes it very secure.
  • SSO experience is convenient for all employees.
  • Auditing logs seem like a short time retention.
  • No easy way to get Inactive Users list.
  • Not possible to deactivate a user temporarily, you can only delete the user.
It is well suited for corporate access control, and single sign on. Some services have native support for Azure AD integration. For those services that don't provide native support, SAML authentication proxy can be used as a workaround.

For applications that require long period auditing, Azure AD may not be the best choice.
Ron van Elteren | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Review Source
Our organization uses Azure AD for verification across all platforms. But not only that, I also implement ERP software based on Microsoft Dynamics 365 Business Central and integrate it with Azure AD for customers. The Azure administrator of the customers create an app registration, which I then use in Business Central for integration. That way the users of our customers can use their Office 365 credentials to access Business Central. For the app registration to work well, I have to work with the customers system administrator. The app registration has to be set up thoroughly for it to work well with Business Central.
  • The integration with other Microsoft products
  • Multi-factor authentication
  • Conditional access
  • Simplify complexity - Azure AD is rich of features, but that also makes it very complex
  • Management
Microsoft's Azure Active Directory works flawless with other Microsoft products, which of course is logical. Because I work the most with Microsoft's 365 Business Central, I really like the way BC integrates with Azure AD for verification of the BC users. For users it is also convenient, as they only have to remember 1 set of credentials.
Score 9 out of 10
Vetted Review
Verified User
Review Source
The whole organization utilizes AzureAD. It allows for a secure, reportable identity management system that can be controlled and utilized anywhere in the world.
  • Allows for onpremise replication of existing identities
  • Has the ability to integrate with 3rd parties
  • provides an entire suite of APIs to grant as little or as much information to programs as desired.
  • provides both web interface and command-line interface for administrating
  • Updated documentation could use some improvement.
  • Speed of change replication can be slow sometimes during high traffic times
  • some features available through the command line are NOT available through the web interface.
  • random outages can be frustrating
If you need a large scale to small scale identity management system AzureAD is a good solution. AzureAD can have all the complexity you need or if you just need the basics that is there too.
Score 10 out of 10
Vetted Review
Reseller
Review Source
We use Azure Active Directory across our whole organisation. Furthermore, I implement and support AAD at other organisations too. Azure Active Directory replaces local Active Directory for organisations that have moved to the cloud and reduced or completely got rid of their on-premises server infrastructure.
  • Identity management.
  • App registration.
  • Multi-factor authentication.
  • The UI could be more intuitive.
  • Pricing options could be clearer.
  • A few parts of the UI and platform are still in preview.
Azure Active Directory is particularly useful in scenarios where a company has removed their on-premises server infrastructure, or for new companies who will never have an on-premises server infrastructure but still want to be able to manage identity's users and roles. Azure Active Directory is likely less useful to organisations who still manage their identities in a local Active Directory server.
Score 10 out of 10
Vetted Review
Verified User
Review Source
Azure Active Directory is being used in conjunction with our SharePoint 360 environment to manage users from multiple functional areas of our company. We use it store user information as well as their access levels. Any changes to the settings in Azure Active Directory reflects the user's permission levels across multiple platforms on our network.
  • Enhanced our end-user experience.
  • Secure access for users.
  • Integration with other Microsoft products.
  • Users require some training.
  • The UI can be more intuitive.
  • The UI can use modern layout.
Our company is extremely satisfied with using Azure Active Directory to store and give multiple access levels to all users by the use of Active Directory. We love that since it's a Microsoft product, it can be easily integrated with other Microsoft products like SharePoint without the use of 3rd party connectors for integration. We have an enterprise account with Microsoft, so the price point for hundreds of AD users is also low.
Score 9 out of 10
Vetted Review
Verified User
Review Source
[Microsoft] Azure Active Directory has been used by the whole organization, primary for authentication for SaaS applications and Azure resources. We have addressed a lot of business needs, some of them are laptop deployment, control and maintenance, also single sign on for SaaS applications.
  • Integration with on-prem Active Directory. Smooth, secure and allow control to the administrator
  • With [Microsoft] Azure Active Directory we have centralized the identity management
  • Single Sign On for all the Saas Services, also for some on-prem applications
  • Centralized all the consoles on one place, different admin portals is sometimes confused
[Microsoft] Azure Active Directory is perfect for single sign on. We have all our SaaS applications integrated with it. Also, the opportunity to have a single place for all the Microsoft Applications and Saas Applications using one account.
Sometimes, the hybrid configuration is not appropriated for some internal non windows applications, due to the complexity.
Score 9 out of 10
Vetted Review
Verified User
Review Source
Azure AD is being used for authentication to Office 365 applications and other 3rd party applications that integrate with it. We use Azure AD across the entire organization. Azure AD has helped us utilize one identity across multiple applications, both internally and externally. Single Sign-On through Azure AD is critical for buy-in from our end users, especially the end-users that are not tech-savvy.
  • Single sign on
  • User management
  • Authentication
  • Identity
  • Cost
  • Reliability
If your organization primarily uses Microsoft systems, there really is no reason to use another product. Azure Active Directory allows you to link your user accounts to virtually all Microsoft software and most 3rd party software. Having one digital identity across all systems makes things much easier for your end-users. Support for 2-factor authentication, especially with more people working from home, is fully supported.
Score 9 out of 10
Vetted Review
Verified User
Review Source
Currently, Microsoft Azure Active Directory is being used by a department and select few users in a Pathfinder phase. We have limited its use as we have not fully implemented the cloud in the Enterprise, although our goal is to reach that in the next year or two. Right now, we are finding the ease of use with Azure Active Directory in terms of its simplicity, and the fact that many users can have different roles to leverage it, based on whatever workload they support.
  • Simple to use interface, easy to find items you are looking for
  • Alerts can be managed and configured pretty easily
  • Plenty of features for different workloads
  • There are a lot of features, so it can get confusing to get to where you want to go
  • Some areas do not offer as much granularity as desired
  • Hard to find certain features that are synonymous with on-premises Active Directory
Microsoft Azure Active Directory is very well-suited for user identity in the cloud, especially in a hybrid instance. Syncing your on-premises infrastructure with the cloud, Microsoft makes it easy to achieve this. In addition, configuring virtual networks and virtual machines is an easier process than expected. If you are currently all on-premises, then Azure Active Directory would not really help your use case, although if you are thinking of migrating to the cloud, you can then experiment with it.
Score 9 out of 10
Vetted Review
Verified User
Review Source
We use M365 within our school district, and as such, Microsoft Azure Active Directory is our cloud identity provider for all our user accounts (faculty, staff, and students). Ultimately, we are a hybrid Microsoft Azure Active Directory environment, with an on-prem Active Directory that syncs to local objects to Azure. This synchronization helps address the need for cloud-based access to resources that would otherwise be unavailable if we were solely working from an on-prem Microsoft Azure Active Directory environment. We have considered moving all our users and devices to being 100% cloud based; however, the current Microsoft Azure Active Directory infrastructure we are a part of (multi-domain forest) is not currently suited to support that transition at this time.
  • Conditional Access -- this is one of the biggest tools that any admin needs when it comes to securing when, where, and how users are accessing information. Especially if the information contains sensitive data types.
  • Multi-factor Authentication -- we have all our employees configured for MFA. This is incredibly easy to configure with Azure, as well as defining when MFA should be used through Conditional Access.
  • Audit Logs -- being able to track and identify a user's activity is pretty critical, especially when in incident response mode.
  • Complexity --Microsoft Azure Active Directory isn't exactly for the faint of heart.
  • Management -- some bulk management tasks need to be run through PowerShell...if you don't know PowerShell (and you should) then this could be problematic.
  • Needs assessment -- the licensing structure for Azure AD might be difficult to understand given the breadth of features available. For example, Azure Active Directory P1 will differ from Azure Active Directory P2, but what does that mean and is it applicable to your organization? Is it necessary to have P2 over P1 to accomplish your business goals?
I think that Microsoft Azure Active Directory is going to be applicable to any organization that needs a cloud identity solution and they have more than a handful of employees and users. Licensing could be problematic to figure out, and bundling the Microsoft Azure Active Directory license with an M365 subscription is probably the route to take. However, I would not recommend this product to an organization with an IT administrator who is not strong technically. In this case, it might be better managed by an MSP.

The reality is that Microsoft Azure Active Directory is one part of a suite of products and it is sometimes hard to look at it without understanding how it interacts with the other tools in the suite. If we take this into consideration, then Microsoft Azure Active Directory is the backbone for providing a cloud-based user identity and security solution that will be applicable under any circumstance.
Lars Kemmann | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Review Source
We use Azure Active Directory internally for our entire organization, including single sign-on to all the third-party SaaS solutions our employees work with, and we have a large portion of our business dedicated to Azure AD consulting for our clients. We use Azure AD as the foundation for our zero-trust security posture.
  • Conditional access
  • Customization
  • Integration, especially with security tools
  • Hybrid scenarios
  • Understanding the breadth of features
  • Onboarding for small businesses
I highly recommend Azure Active Directory for any organization looking to adopt cloud-based technologies and a zero-trust security posture. Many companies "graduate" to it from their legacy on-premises Active Directory installations, and that scenario has been optimized very well, but Azure AD is also a good fit for any organization looking for a robust and secure identity platform.