Azure Active Directory Reviews

155 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow noopener noreferrer'>trScore algorithm: Learn more.</a>
Score 8.7 out of 100

Do you work for this company? Learn how we help vendors

TrustRadius Top Rated for 2020

Overall Rating

Reviewer's Company Size

Last Updated

By Topic

Industry

Department

Experience

Job Type

Role

Reviews (1-25 of 29)

Companies can't remove reviews or game the system. Here's why.
April 07, 2021
Caleb Reinhardt | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Review Source
We use M365 within our school district, and as such, Microsoft Azure Active Directory is our cloud identity provider for all our user accounts (faculty, staff, and students). Ultimately, we are a hybrid Microsoft Azure Active Directory environment, with an on-prem Active Directory that syncs to local objects to Azure. This synchronization helps address the need for cloud-based access to resources that would otherwise be unavailable if we were solely working from an on-prem Microsoft Azure Active Directory environment. We have considered moving all our users and devices to being 100% cloud based; however, the current Microsoft Azure Active Directory infrastructure we are a part of (multi-domain forest) is not currently suited to support that transition at this time.
  • Conditional Access -- this is one of the biggest tools that any admin needs when it comes to securing when, where, and how users are accessing information. Especially if the information contains sensitive data types.
  • Multi-factor Authentication -- we have all our employees configured for MFA. This is incredibly easy to configure with Azure, as well as defining when MFA should be used through Conditional Access.
  • Audit Logs -- being able to track and identify a user's activity is pretty critical, especially when in incident response mode.
  • Complexity --Microsoft Azure Active Directory isn't exactly for the faint of heart.
  • Management -- some bulk management tasks need to be run through PowerShell...if you don't know PowerShell (and you should) then this could be problematic.
  • Needs assessment -- the licensing structure for Azure AD might be difficult to understand given the breadth of features available. For example, Azure Active Directory P1 will differ from Azure Active Directory P2, but what does that mean and is it applicable to your organization? Is it necessary to have P2 over P1 to accomplish your business goals?
I think that Microsoft Azure Active Directory is going to be applicable to any organization that needs a cloud identity solution and they have more than a handful of employees and users. Licensing could be problematic to figure out, and bundling the Microsoft Azure Active Directory license with an M365 subscription is probably the route to take. However, I would not recommend this product to an organization with an IT administrator who is not strong technically. In this case, it might be better managed by an MSP.

The reality is that Microsoft Azure Active Directory is one part of a suite of products and it is sometimes hard to look at it without understanding how it interacts with the other tools in the suite. If we take this into consideration, then Microsoft Azure Active Directory is the backbone for providing a cloud-based user identity and security solution that will be applicable under any circumstance.
Read Caleb Reinhardt's full review
April 01, 2021
Lars Kemmann | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Review Source
We use Azure Active Directory internally for our entire organization, including single sign-on to all the third-party SaaS solutions our employees work with, and we have a large portion of our business dedicated to Azure AD consulting for our clients. We use Azure AD as the foundation for our zero-trust security posture.
  • Conditional access
  • Customization
  • Integration, especially with security tools
  • Hybrid scenarios
  • Understanding the breadth of features
  • Onboarding for small businesses
I highly recommend Azure Active Directory for any organization looking to adopt cloud-based technologies and a zero-trust security posture. Many companies "graduate" to it from their legacy on-premises Active Directory installations, and that scenario has been optimized very well, but Azure AD is also a good fit for any organization looking for a robust and secure identity platform.
Read Lars Kemmann's full review
April 13, 2021
Marouane Tohme | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Review Source
Azure Active Directory was used internally company wide at one point when we decided to migrate from a local domain and Windows Licenses to a cloud based solution using MS 365 Premium (MS lets you log into Windows with your MS 365 Premium account and attaches a Windows Enterprise License to your instance). Even including the cost of the services it actually saved us cash since we had many Windows 8 Machines to update to Windows 10. The interface was a little overwhelming at first but it's quite intuitive and easy to get a hang of.
  • When paired with InTune the control over user devices is great.
  • The integration with Windows or rather MS's security solutions is great.
  • It works best with 365.
  • The integration with Local Domains is lacking.
  • The interface, while intuitive can do with some refinement.
If you already use 365 and Windows then Microsoft Active Directory is pretty much a no brainer. Especially if you also use Microsoft Defender ATP. The control and oversight over user machines when used with InTune is impressive but I do wish the integration with Local Domains was more robust. Also, shared drives, I was under the impression that I would be able to implement through OneDirve somehow but that was not the case. SharePoint seems to be the alternative here, and it works great but not everyone in the organization is inclined to change how they work and that was ultimately what brought use back to using an Internal Domain. We still use 365 and therefore Azure Active Directory but to a much more limited degree.
Read Marouane Tohme's full review
March 24, 2021
HARDIK CHUDASAMA | TrustRadius Reviewer
Score 7 out of 10
Vetted Review
Verified User
Review Source
We are working with a health care client to handle their CRM software in the cloud. Our company is using Microsoft Azure Active Directory for the database workload and also for their third-party API with client data transitions (so it is being used by only the Database management department for now).

We are using Microsoft Azure Active Directory for basic operations:
  • Single sign-on, enabling access to apps from anywhere
  • Conditional access and multi-factor authentication to help protect and govern access over the users
  • Integrating identities with other apps and authenticating for the work system
  • Single identity platform to engage with internal and external users more securely
  • Identity governance can free up IT resources by automating periodic supervisory reviews
  • Integrates seamlessly with third-party MFA and MDM providers
  • User interface can be improved; can be more user friendly
  • It is not flexible or customizable for specific needs. It only manages Microsoft accounts in the same domain.
  • Lower intrinsic value for customers not already invested in other Microsoft cloud services
Microsoft has always kept the Azure Active Directory at the front side of their identity management suite. It makes the most sense to use Microsoft Azure Active Directory if you are already a Microsoft Azure customer.

Some specific scenarios where Microsoft Azure AD will be well suited are
  • If your organization has users who are geographically dispersed and you want to implement a centralized security and access system for them.
  • If the client or organization is heavily invested in Microsoft eco-system for other needs, Microsoft Azure Active Directory is the way to go
Scenarios where Azure Active Directory is less appropriate are
  • If the organization is not invested in the Microsoft ecosystem.
  • If you want an intuitive implementation process.
  • If you have fewer than 50 users.
Read HARDIK CHUDASAMA's full review
March 17, 2021
Samuel Couturier | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Review Source
We use Microsoft Azure Active Directory as part of Microsoft 365 to manage all of the users in the backend. As a MSP we mostly resell and deploy it for clients to either replace non-existent domains or to migrate from on-premise Active Directory.
  • Integrates with a lot of others softwares with SSO
  • Keeps access management simple through one set of credentials for each user
  • Easy to manage from the cloud, no need to connect to a on-premise server for management
  • Nothing comes to mind
If working with Microsoft 365 subscriptions, Azure Active Directory is the directory service behind the 365 users, so it's really easy to tie that into your others softwares or on-premise network as well
Read Samuel Couturier's full review
April 12, 2021
Anonymous | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Review Source
[Microsoft] Azure Active Directory has been used by the whole organization, primary for authentication for SaaS applications and Azure resources. We have addressed a lot of business needs, some of them are laptop deployment, control and maintenance, also single sign on for SaaS applications.
  • Integration with on-prem Active Directory. Smooth, secure and allow control to the administrator
  • With [Microsoft] Azure Active Directory we have centralized the identity management
  • Single Sign On for all the Saas Services, also for some on-prem applications
  • Centralized all the consoles on one place, different admin portals is sometimes confused
[Microsoft] Azure Active Directory is perfect for single sign on. We have all our SaaS applications integrated with it. Also, the opportunity to have a single place for all the Microsoft Applications and Saas Applications using one account.
Sometimes, the hybrid configuration is not appropriated for some internal non windows applications, due to the complexity.
Read this authenticated review
April 08, 2021
Anonymous | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Review Source
Currently, Microsoft Azure Active Directory is being used by a department and select few users in a Pathfinder phase. We have limited its use as we have not fully implemented the cloud in the Enterprise, although our goal is to reach that in the next year or two. Right now, we are finding the ease of use with Azure Active Directory in terms of its simplicity, and the fact that many users can have different roles to leverage it, based on whatever workload they support.
  • Simple to use interface, easy to find items you are looking for
  • Alerts can be managed and configured pretty easily
  • Plenty of features for different workloads
  • There are a lot of features, so it can get confusing to get to where you want to go
  • Some areas do not offer as much granularity as desired
  • Hard to find certain features that are synonymous with on-premises Active Directory
Microsoft Azure Active Directory is very well-suited for user identity in the cloud, especially in a hybrid instance. Syncing your on-premises infrastructure with the cloud, Microsoft makes it easy to achieve this. In addition, configuring virtual networks and virtual machines is an easier process than expected. If you are currently all on-premises, then Azure Active Directory would not really help your use case, although if you are thinking of migrating to the cloud, you can then experiment with it.
Read this authenticated review
April 16, 2021
Anonymous | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Review Source
Azure Active Directory is being used in conjunction with our SharePoint 360 environment to manage users from multiple functional areas of our company. We use it store user information as well as their access levels. Any changes to the settings in Azure Active Directory reflects the user's permission levels across multiple platforms on our network.
  • Enhanced our end-user experience.
  • Secure access for users.
  • Integration with other Microsoft products.
  • Users require some training.
  • The UI can be more intuitive.
  • The UI can use modern layout.
Our company is extremely satisfied with using Azure Active Directory to store and give multiple access levels to all users by the use of Active Directory. We love that since it's a Microsoft product, it can be easily integrated with other Microsoft products like SharePoint without the use of 3rd party connectors for integration. We have an enterprise account with Microsoft, so the price point for hundreds of AD users is also low.
Read this authenticated review
April 11, 2021
Anonymous | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Review Source
Azure AD is being used for authentication to Office 365 applications and other 3rd party applications that integrate with it. We use Azure AD across the entire organization. Azure AD has helped us utilize one identity across multiple applications, both internally and externally. Single Sign-On through Azure AD is critical for buy-in from our end users, especially the end-users that are not tech-savvy.
  • Single sign on
  • User management
  • Authentication
  • Identity
  • Cost
  • Reliability
If your organization primarily uses Microsoft systems, there really is no reason to use another product. Azure Active Directory allows you to link your user accounts to virtually all Microsoft software and most 3rd party software. Having one digital identity across all systems makes things much easier for your end-users. Support for 2-factor authentication, especially with more people working from home, is fully supported.
Read this authenticated review
March 04, 2020
Hernán Paggi | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User
Review Source
In our company, we use Azure AD as a hybrid with Active Directory Federation Services. In this way, we can maintain a coherent structure of all the local users of the company as well as all our remote users. We do it this way since all our office platform is mounted on Office 365. The entire Azure and AD platform is managed by our IT Department.
  • Centralized administration of users through different locations.
  • Comprehensive OU management through a single interface.
  • Immediate availability of our forest throughout the company.
  • Microsoft integrated security throughout the deployment.
  • In our case, it requires an AD FS structure which requires extra maintenance.
  • The synchronization sometimes takes too long.
  • We would like to use Azure AD Premium, but its costs are very high.
It is appropriate in most cases. As I mentioned earlier, it allows us to have global availability of our AD, while allowing to centralize all operations within the IT department. We can manage users, printers, and GPOs in the cloud easily. For cases where the implementations are wide, I think it is a fundamental requirement. I could say that maybe it is not appropriate for small organizations, but even for those cases, I think it also applies, since it eliminates infrastructure costs and allows you to keep everything in the Microsoft cloud. There are no cases that do not involve analysis or use.
Read Hernán Paggi's full review
January 29, 2020
Matt Varney | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User
Review Source
Azure Active Directory is our primary authentication mechanism and also provides the basis for a large portion of our authorization mechanisms throughout our enterprise. Everyone in our organization (roughly 150,000 active people objects) has an Active Directory account that they use to authenticate and also gain access to our physical network, our ERP (PeopleSoft), our LMS (Blackboard), and our primary systems of engagement and content (Office 365).
  • As a directory tool, it provides the ability for distributed management and administration of smaller pieces as needed by the organization.
  • With Azure Active Directory being cloud based, there are frameworks available to integrate authentication to other systems (both cloud and on-prem), such as Azure Application Proxies, etc.
  • While it may satisfy basic directory type functions of Identity Management, it doesn't go deep enough by default for the modern workplace (at least without significant effort and potentially dangerous changes to the scheme).
  • Some of the more useful features are only available at a cost, with the most desirable and useful features costing the most.
If the organization has current or planned investment in Microsoft (i.e. Windows devices for people, is an Office 365 customer, etc), Azure Active Directory is a no brainer and the basic functionality is included in the base plans and licenses. If the organization needs a deeper level of identity management and/or has a high volume of object turn over (account provisioning and deletion), the limit of the basic functionality in Azure Active Directory is quickly realized and additional effort, expense, and technology may be required.
Microsoft has offered Azure Active Directory as a solution for a couple of decades now, so they have seen and anticipated almost any issue that an organization may face and can therefore help. The cloud offering of Azure Active Directory offers some additional "self healing" or monitoring services that can minimize the need for a service call. However, as with most large companies supporting a fast growing market, there may be some gaps in service knowledge (and particularly processing) from the front line / tier one staff as they follow a corporate script at first contact.
Read Matt Varney's full review
April 07, 2020
Brian Hoyt | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Review Source
Azure Active Directory is used across our entire organization. It is the way that everyone uses to access Office 365 and all its tools. It is also used to manage single sign-on for other services. It is the source for authentication for many of our tools.
  • Authentication
  • Auditing
  • Flexibility
  • Costs
  • Complexity of licensing
  • Learning of new features
If you have Active Directory currently in your organization you should already be on and connected to Azure. It enables the migration of workloads to the Microsoft cloud where it is appropriate. It enables your existing authentication to be used with partner tools.
Support tickets are acted upon quickly and are usually resolved well. Sometimes issues are hard to push beyond level 1 tech support and prove they are a bug not an implementation issue.
Read Brian Hoyt's full review
November 12, 2019
John Fester | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Review Source
We are using Azure Active Directory (AAD) primarily for two things - access permissions in Exchange, SharePoint and other Office 365 services as well as locally in our network for domain/workstation access and logging. AAD opened the doors in many ways for us to enhance our organization and bring ourselves to modern times in terms of technology and what our users can do. Such as, our users had two or more sets of credentials (1 for Office 365, another for domain access and another for SharePoint). Combining our Exchange and SharePoint into Microsoft's hosted platforms and including AAD into our setup, we reduced the credentials down to just needing one set that is synced across my local AD & AAD. This has saved my IT support department many hours in helping users access services, reset passwords multiple times and has saved us time when setting up new users in just one place rather than several. With AAD it automatically sets the user up in the cloud and eliminates my need to set them up several times to have access to our services.
  • AAD is super easy to set up! One thing I was nervous about was deployment. However, after reading the setup instructions, I was pleased to find this a very simple process and well detailed in the instructions.
  • AAD works! It simply does it's job. I have not had to monitor it, troubleshoot it, nor reinstall or tinker with it in any way. Making changes is very quick and easy also allowing you to quickly modify how the sync occurs, whether one-direction from your server to Azure only, or bi-directional where it will sync both ways, or only from Azure to your local AD. You have the options and the control to make it work for your environment!
  • AAD has a ton of tools, logs, data that combined provides a great look into what your users are doing, how it is being done and if any error exist it will provide very useful information about it so that you can resolve the matter.
  • One limitation is the OS it must be installed on. We were using SBS '11 when we first deployed AAD, however it does not work for the sync to Azure on this OS. For this, we worked around it by first setting up a secondary local AD on a server that already had Server 2016 on it. Having these two server sync the local AD, we were able to install and configure the AAD sync on the Server 2016. It sync's perfectly and our environment works great being sync'd to AAD.
  • Depending on the licensing you have with Microsoft, you will find some features not available. We had to add a $4 license per user (called the Exchange F1 License) to have the ability to sync FROM Azure TO my local AD. This is key for users to be able to modify their passwords anywhere and it updates across your AAD & local AD. You will also have to add another type of license should you want more auditing features or security features.
  • It would be great to see Azure have a component in AD where you just enable the sync rather than needing to install the entire package to be able to sync.
If you manage a local AD and use Microsoft for mailboxes (Exchange), especially if it is hosted by Microsoft and not an on-premises setup, then this is a no-brainer and you should have Azure Active Directory! Even if you use just the free version of AAD, it adds management, reporting and auditing to your O365 which as an admin are very much required pieces of information. I suggest adding licenses for AAD that meets your needs for your organization, such as being able to sync your user information changes from AAD down to your AD and vise-versa, adding mobile security features or auditing, retention needs, etc.

If you have an on-premises Exchange and use a local AD, AAD is less useful for you and I'm not sure it would be recommended to use. While it could add some benefits you do not have already, this would be quite the task to undergo for such little solutions it would provide.

AAD is most useful for organizations that at least use Office 365 for Exchange hosting.
I mean, it is Microsoft. So contacting them for support is nearly the last resort. You'll go to forums and TechNet long before contacting Microsoft. This is where other companies shine above Microsoft, because they have support to offer. You will find more online support for Azure than for other companies, primarily because it is so widely used. Techs like helping other techs. With the number of companies using Azure, there is a tremendous amount of support found online on many websites. If you cannot find your question already answered somewhere, guaranteed someone will answer your posted question within hours.
Read John Fester's full review
November 06, 2019
Jonathan Ayers | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User
Review Source
We use Azure AD primary to administer users across the GE enterprise, in particular with Microsoft software licensing and e-mail account administration. This software administers countless users across all divisions of General Electric around the globe. Azure AD provides a lightweight, web-based interface that allows for easy, on-the-fly administration of users from anywhere with internet access.
  • Lightweight web interface.
  • Easy to use, point and click interface.
  • It provides for the administration of users across the enterprise from anywhere with an internet connection.
  • At times the interface can be less than intuitive.
  • Failure of connection can lead to questions as to whether a change was actually processed.
  • Sometimes the screen layout can be confusing.
I believe Azure AD is appropriate in any enterprise environment, however, it is especially well-suited in large environments with many different administrators needing the ability to make changes. It would be less suited in a smaller environment where RSAT tools (such as the AD plug-in) could be used to administer the network.
Microsoft's product support is second to none. This is a trend I've seen with most of the Microsoft products I've used.
Read Jonathan Ayers's full review
November 19, 2019
Derek Benson | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User
Review Source
Azure Active Directory has been implemented organizationally, but is managed by the systems team following a migration of assets to Office365. We are also in process of implementing virtual machines in the Azure space in addition to a site to site VPN back to our HQ for potential DR opportunity. It has so far been easy to manage, sometimes with some assistance from consultants.
  • Organization of items/technology buckets.
  • Streamlined implementation.
  • Licensing is straightforward.
  • Some areas are still a little convoluted and require some research or MS/consultant engagement.
It is a good product for anyone looking for a cloud-based solution to manage company users and assets.
Responsive support and relatively good documentation.
Read Derek Benson's full review
March 20, 2020
Anonymous | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User
Review Source
We currently use Azure Active Directory (AAD) for:
  • User & Group Management
  • Single Sign-On
  • Multi-Factor Authentication
  • Self-Service Password Management
  • Synchronization between on-premise and cloud AAD
  • Device Enrollment
  • Reporting (Security & Usage)
We began this rollout quite slowly (maybe too slowly) but now have this technology deployed to nearly the entire organization.

Fundamentally, this was implemented to help us support Office 365. After initial success with Office 365, we were impressed by the offering and broadened it to take advantage of more features.
  • Self-service password reset.
  • User and group management.
  • Synchronization between cloud and on-premise active directory.
  • Technical support.
  • A maturing product with many loose ends and inconsistencies.
  • Sprawling documentation with limited "getting started" guides.
If you're an Office or Microsoft 365 admin, this is a must-have product. Even if you are not, this is the modern way of handling authentication and device management.

Password resets are handled quite well with AAD also. The end-user can set up personalized challenge questions and when a reset is necessary, can answer those questions, have the password reset, and continue on with there day - with no IT/IS support necessary. A win-win situation for all involved.
Support is handled offshore and you must send in a request and then schedule a callback. Near real-time support is very problematic. Additionally, you will go through the tiering system. Level one staff at Microsoft have a lot of checkboxes to go through before you are handed to the next tier.

Communication with offshore tech support is a true challenge.
Read this authenticated review
March 13, 2020
Anonymous | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Review Source
We use Azure Active Directory as our "management" tool for our internal active directory. It is used company wide, and one of the most important functions is to provide single sign-on functionality. Other reasons are:
  1. Role management employees.
  2. Employee "creation" (maintenance).
  3. Login rules.
  4. Group membership.
The fact that this is now Azure-based means that we can very easily use everything from Azure, without adding a new authentication layer.
  • Speed. After a user used the wrong password more than a certain threshold, we can unlock the user with a simple powershell script.
  • Extensibility. We can write powershell scripts for every maintenance issue. Which is great if you're not "on premise."
  • If you don't want to use powershell, Azure makes sure you can provide user support anywhere through Azure.
  • Azure has so many tools, services and functionalities that it's not easy to find your way around and get to the maintenance area where you can start working. This makes it unnecessarily hard to use.
  • I really can't think of anything "missing." It does what it's supposed to do. But I'm a developer in a support role, so I can speak for infrastructure department.
I guess 10, because I can't imagine how any tool can do better than this. It's a pretty standard tool I think for employee maintenance, role maintenance, single sign-on. It's a perfect match for Azure, to give the opportunity to integrate things like power apps and everything else in Azure and seamlessly integrate with your existing user maintenance structure in your company.
I have no personal experience with support. But according to my colleagues it was good. I've not asked in more detail, so my answer may not reflect their actual experience. "Good" to me means "at least an 8."
Read this authenticated review
February 26, 2020
Anonymous | TrustRadius Reviewer
Score 7 out of 10
Vetted Review
Verified User
Review Source
Utilized for very basic management of users, workstations and security access groups within our domain which covers the whole organization. It helps being a single point of administration. Luckily we are 100% Windows devices.
  • Adding/copying users.
  • Group management.
  • Updating profiles can be cumbersome occasionally.
  • With our environment, sync issues occur sometimes.
Well suited authentication-wise for sign-in scenarios such as when users at my organization need their password manually updated. Well suited for availability and since cloud, always can access (opposed to on-prem). Well suited for Office 365 and SharePoint or anything else bundled with MS. Well suited for org with lots of remote users or travelers who can benefit from the SSO.

Less suited for Apple folks but we are 100% Windows 10 environment. It's expensive. Group policies don't always work like they should, I've noticed.
I am giving this a 5 (middle of scale - neither great nor terrible) as it's N/A for me as I've never had to open a support ticket related to Azure Active Directory. Never had an issue or outage that required a ticket. In general of MS support system and KB, I will say that in general they are not great (maybe a 6 or 7 out of 10).
Read this authenticated review
November 21, 2019
Anonymous | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Review Source
We use Azure Active Directory to assign roles for integrated cloud-based applications and virtual machine in Azure Active Directory. We also sync some identity and group data from our on-premise AD instance for cloud workloads. It allows us to reuse the same identities in the cloud as we have on-prem and entitle them to appropriate resources.
  • Azure Active Directory is a cloud-based directory service that can be utilized for all kinds of identity authorizations.
  • Azure Active Directory creates a domain for your users, and Azure-based VM's that is similar to the well understood on-prem AD we all know and love.
  • Azure Active Directory is an excellent way to bring identities from different organizations together in a cloud environment for all types of cross- org collaborations.
  • More API's and API functionality is always welcomed.
  • Expansion into other cloud federation use cases and IDP possibilities.
  • Ability to detect identity compromises with high accuracy and low false positives.
Azure Active Directory is a reliable tool for creating directories of users & roles for all sorts of authorization and authentication scenarios in the cloud. It is highly scalable and can handle the largest user bases possible. The tool had Identity protection and security built-in and as upgrades that can help with identity threat hunting and compromise.
I'll give it a ten out of ten since I've never needed to use their support services. There is extensive information available online.
Read this authenticated review
November 09, 2019
Anonymous | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Review Source
We use Azure AD to help with our single sign-on for Office 365 and there are plans to extend the use to cover our new BI solution, as well as a new ERP system (both are still work in progress, so cannot really comment on now). So far, once you overcome the issues with the sync, AAD is a great product with a really good integration with other Microsoft products.
  • Sync my local AD users to the cloud, providing seamless integration with O365 and potentially other MS products.
  • It is highly configurable and secure.
  • A small, but important issue that it addresses is it allows us to upload photos of the end-users. This is a great help in a dynamic environment.
  • The AAD sync software does crash, so it needs constant monitoring.
  • The sync interval is not easy to change and manual sync is needed occasionally.
  • The web interface can be a bit confusing to a new administrator, however, once you get used to it, it is ok.
It is great if you are deeply invested in the Microsoft ecosystem. It works even better if you use any of Microsoft's SAAS propositions. Integration with on-premise systems is great and functionality is unparalleled.
If you use limited Microsoft products, maybe a bit of an overkill, however, it is a must-have with O365 and other products.
AAD is a great product that works seamlessly and is reliable as an actual domain controller on-premise. I have never had to call Microsoft as I have never had any issues. The sync client is being updated regularly, and apart from a persistent bug/feature that it shuts down at 01:00, I cannot really complain.
Read this authenticated review
October 16, 2019
Anonymous | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Review Source
Azure Active Directory is used mainly because of our Office 365 implementation. But as we also have EMS E3 we are also using a couple of the P1 features. We are a multinational organization and are using one tenant. This has some issues but most are solvable. Having a cloud identity available can create new opportunities.
  • Within the Azure world, there are many services available that make use of your cloud identity.
  • If you have Azure AD P1 or P2 you can protect your Azure AD Identity even further.
  • It is still not really useable to have 1 tenant with multiple, more or less independent, entities. We could use that and there are things coming, but not there yet.
  • If you are used to an on-prem active directory, there are some gotchas and things you must know that are different in Azure AD. Nothing major.
If you want Office 365, you get Azure Active Directory. And if you want to protect that you seriously should consider Azure AD P1 or even P2 plans. We don't user P2 yet, but that is more or less the pinnacle for your protection needs. The Azure Application Proxy is a good place to publish your on-prem applications.
Microsoft support is great. Though the first call to support is sometimes a hit-or-miss as sometimes the person is not knowledgeable enough or doesn't understand the question and/or what steps you already have done. But overall our experience with Microsoft Azure Active Directory support is good.
Read this authenticated review
November 15, 2019
Anonymous | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Review Source
Azure Active Directory is used to manage all of the Windows accounts with our company.
  • It's very easy to create and manage accounts. Takes no time at all to edit or even create new accounts.
  • It would be nice if more things could be managed from azure in a hybrid environment like resetting passwords from the cloud.
It's great for companies with more than a dozen users. It's a quick and easy way to manage the Windows accounts within the organization.
Their Support team is fairly responsive and knowledgeable,
Read this authenticated review
September 24, 2019
Jane Updegraff | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User
Review Source
My company uses Active Directory across the entire enterprise, which is probably the most common way that it's used. It's used to maintain a directory of users, groups, computers, service accounts and other resources, it is also used to authenticate those users and machines to the network, and to permit them access to network resources based on the individual user's or computer's permissions and group memberships. Active Directory acts as our primary resource management tool. It's where we store the identities of people and things that allow us to quickly create things like access control lists for data and network segments.
  • Azure Active Directory is very at maintaining user and computer data in a fully-replicated database.
  • Azure Active Directory is very good at notifying administrators whenever there is a problem with the AD database content or replication.
  • In my opinion, Azure Active Directory's dashboard pages are way too busy and difficult to navigate.
  • Azure Active Directory doesn't handle duplicate attributes in user accounts very well.
  • Azure Active Directory pesters the admin to buy additional features by cluttering up the GUI with "suggestions" that you can't remove from the dashboard.
Azure AD is actually required for Office 365 to work, so obviously you won't have a choice about whether or not it is well-suited unless you want to skip Office 365 completely. But it's actually a good standalone AD solution for when you don't want to own any infrastructure at all. That's because AAD is hosted by Microsoft in their commercial cloud, Azure. You could hypothetically build all a full corporate directory against which to authenticate without having to own a single server.

I would not advise using AAD as your network directory as a standalone solution, however. You would need to have at least one on-premise AD domain controller with a full copy of the directory, at all times. This is required because Azure Active Directory operates in the cloud, meaning it is reached by way of the internet. If any site were to become disconnected from the internet for any reason, and if there is NOT a local copy of the directory on a domain controller that the users and computers can reach from their devices, no one would be able to authenticate to any resources until connectivity is restored.
I've only had to open a few support cases with Microsoft for Azure AD. In each time it was because there was a sync error between our on-premise database (the local copy of the AD) and Azure's copy. The AAD copy of the AD has some user and computer attributes that admins can't change using the AAD console. But that's so that we, as humans, don't accidentally break the database. Whenever there has been a sync conflict that i could not resolve following there (usually excellent) instructions for doing so, I have opened a support case. I can count those cases on one hand after nearly three years of lice production use of AAD. Each of those cases was resolved within a few days and in no circumstance was the affected user or computer unable to authenticate, although they may have been unable to access their email for a brief period during the troubleshooting. It's quite a bit better than other Microsoft support, in my opinion.
Read Jane Updegraff's full review
September 05, 2019
Brandon Macapelit, CISA | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Review Source
Azure Active Directory is used within our whole organization. It is used as our identity and access management tool to manage authentication within our corporate network and internal tools. With the help of this tool, employees within the organization would no longer need to memorize many credentials to different systems. Without a centralized authentication system in an environment with many IT tools, employees tend to find it tedious to memorize multiple credentials, and it would lead them to just write down, on a piece of paper or notepad, their multiple credentials which would raise the risks of compromised access. This problem has been effectively addressed by Azure Active Directory.
  • It's easy to implement policies within Active Directory.
  • Clustering users is easily achieved by establishing Organizational Units.
  • It can be used to authenticate users' credentials, even in other cloud platforms.
  • We have not encountered any problems with Azure Active Directory.
Azure Active Directory is well suited for organizations that have a large number of users/employees in different geographic locations and lots of internal tools, be it hosted locally or in the cloud, as it will make it easier for the organization to do and effective Identity and Access Management. For small companies, this might be expensive.
Support is great, and provide insightful solutions whenever there is a problem.
Read Brandon Macapelit, CISA's full review
July 11, 2019
Patrick Plaisance | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Review Source
We use Azure Active Directory organization-wide both internally, and at the vast majority of our clients. Azure AD is used to both complement, and in some situations, replace entirely on-premise Active Directory. It is used for user authentication, both for Microsoft cloud services (Office 365) as well as the Identity Provider for SSO for various other services. Itis the glue that holds together device management via InTune. For clients with on-premise AD, Azure AD Connect keeps Azure AD & on-premise AD in sync, so users only have one password to remember, one multifactor authentication service will work across multiple on-premise and cloud services, and onboarding/offboarding by IT staff is greatly simplified by having just one "account" to control access to.
  • Sync with on-premise AD via Azure AD Connect app. When it first started out as DirSync, it had major issues with conflicts, but now Connect is reliable, simple to implement and keeps getting new features like.
  • SSO implementation with 3rd party cloud services is excellent. MS even has step by step guides to popular apps/services!
  • InTune integration with Azure AD/Hybrid Azure AD brings domain devices and BYOD devices together under one device management pane of glass.
  • Azure portal is extremely complex and many things are in areas you wouldn't expect them.
  • Hybrid Azure AD is very confusing to setup and offers very little troubleshooting data to go on.
  • I've found that sometimes on-premise AD passwords stop syncing via Azure AD Connect with no errors but a quick script for a full hash password sync clears it up.
If an organization is using Office 365 for email, collaboration, etc, there is no reason NOT to use AzureAD (they already are, to be precise). With appropriate Azure AD licenses, they can leverage those accounts to setup Single Sign-on with any other cloud providers they might be using. Additionally, if they have an on-premise active directory, they can sync those accounts with their Azure AD accounts, and potentially have one login for their on-premise computers, Office 365, and cloud services, protected with multifactor authentication. If an organization lives in the Google ecosystem, Azure AD most likely is not a good fit as Google can provide similar functionality via GSuite (although in my experience, much less robust).
Read Patrick Plaisance's full review

Azure Active Directory Scorecard Summary

Feature Scorecard Summary

ID-Management Access Control (28)
9.0
ID Management Single-Sign On (SSO) (28)
9.1
Multi-Factor Authentication (27)
8.9
Password Management (28)
8.7
Account Provisioning and De-provisioning (28)
8.6
ID Management Workflow Automation (21)
8.2
ID Risk Management (21)
8.4

What is Azure Active Directory?

Microsoft Azure Active Directory (Azure AD) is a cloud-based identity and access management (IAM) solution supporting restricted access to applications with Azure Multi-Factor Authentication (MFA) built-in, single sign-on (SSO), B2B collaboration controls, self-service password, and integration with Microsoft productivity and cloud storage (Office 365, OneDrive, etc) as well as 3rd party services.

Azure Active Directory Video

Authentication fundamentals: The basics | Azure Active Directory

Azure Active Directory Pricing

  • Does not have featureFree Trial Available?No
  • Has featureFree or Freemium Version Available?Yes
  • Does not have featurePremium Consulting/Integration Services Available?No
  • Entry-level set up fee?No
EditionPricing DetailsTerms
Premium P1$6.00per user/per month
Premium P2$9.00per user/per month

Azure Active Directory Technical Details

Deployment Types:SaaS
Operating Systems: Unspecified
Mobile Application:No

Frequently Asked Questions

What is Azure Active Directory?

Microsoft Azure Active Directory (Azure AD) is a cloud-based identity and access management (IAM) solution supporting restricted access to applications with Azure Multi-Factor Authentication (MFA) built-in, single sign-on (SSO), B2B collaboration controls, self-service password, and integration with Microsoft productivity and cloud storage (Office 365, OneDrive, etc) as well as 3rd party services.

What is Azure Active Directory's best feature?

Reviewers rate ID Management Single-Sign On (SSO) highest, with a score of 9.1.

Who uses Azure Active Directory?

The most common users of Azure Active Directory are Mid-size Companies from the Information Technology & Services industry.